Naming convention flames

Rui Miguel Seabra rms at 1407.org
Fri Apr 2 16:06:42 UTC 2004


On Fri, 2004-04-02 at 10:51 -0500, Robert P. J. Day wrote:
> then why would you make "doe" a member of "staff" in the first place?
> again, i *know* what you're getting at.  what i'm arguing is that many of
> the examples i see promoting the use of extended permissions, including 
> ACLs, are little more than a misuse of standard permissions.

My specific case:

1 application server is run with user AS
2 application's files are own by user A
3 AS must be able to read application files (but not write)
4 application's files should not have any 'o' permissions.
5 production users must be able to change application files


> > > unless i've totally misread what you were getting at.
> > You must've missed the point of ACLs.
> 
> au contraire, i understand ACLs pretty well.  all i'm harping on is the 
> sometimes lame examples people use to justify their existence.  there's 
> enough *good* justification for ACLs that one shouldn't need to dredge
> up *bad* justification. :-)

Ok, sorry for misunderstanding you! :)

Rui

-- 
+ No matter how much you do, you never do enough -- unknown
+ Whatever you do will be insignificant,
| but it is very important that you do it -- Gandhi
+ So let's do it...?

Please AVOID sending me WORD, EXCEL or POWERPOINT attachments.
See http://www.fsf.org/philosophy/no-word-attachments.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20040402/88ee0fbd/attachment.sig>


More information about the fedora-selinux-list mailing list