[E-Lang] Java 2 "Security" (was: Re: WelcomeChrisSkalkaandScottSmith of Johns Hopkins)

Nikita Borisov nikitab@cs.berkeley.edu
26 Jan 2001 19:16:21 GMT


In article <3A719055.A7633D1A@algroup.co.uk>,
Ben Laurie  <ben@algroup.co.uk> wrote:
>David Wagner wrote:
>> That's what `chmod g+r G` does: Hand off just read access to the
>> file (not write access) to members of the group G.  It works even
>> if the owner has both read and write access.  It's most definitely
>> not nearly as flexible as I'd like, but it's not all-or-nothing,
>> either.
>
>I had a feeling you meant this, and it is only just not all-or-nothing.
>In particular, there's a relatively small (in comparison to the number
>of files on a system) number of groups, and only root can change group
>membership! So, in order to allow users to actually use this facility, I
>have to give them root. Nice!

But this is a property of unix permissions, and not ACLs.  Some unix
systems, for example, have extensions to allow arbitrary ACLs, without
root intervention.

- Nikita