[mdlug] ACLs difficult to administer?

Aaron Kulkis akulkis00 at gmail.com
Sun Oct 12 19:57:17 EDT 2008 

Jonathan Billings wrote:
> On Oct 11, 2008, at 12:58 PM, Dean Durant wrote:
> 
>> Hello, say the usual format of ugo (user, group, other) isn't  
>> sufficient in a certain situation.     You need multiple groups with  
>> multiple sets of different permissions.    You can do it with  
>> ACLs.    Are ACLs hard to manage?    Is NTFS any better?   Why might  
>> someone say so?     What is the tie-in with samba?   If someone says  
>> ntfs is easier, are they just being lazy?    Thanks,
> 
> I think NTFS users aren't really lazier, it's just they have a  
> filesystem with ACLs that is more fully capable than what most Linux  
> users are familiar with.

Bulls**t.
Ext3 and other Linux filesystems offer ACL's.

The reason they are rarely used on Linux is because,
quite frankly, they are unnecessary but all for the
most extreme circumstances

>                            While it's possible to use POSIX ACLs on  
> ext3 filesystems, how often do people use them?

Exactly.
They aren't normally used on ext3 BECAUSE THEY AREN'T NEEDED.


> 
> ACLs can give you the ability to have more than one user and group  
> assigned to a file or directory.  Sure, as others have mentioned, you  
> can have complex listings in groups, but honestly, I believe that's  
> just a hack to get around the fact that the user/group/other method of  
> defining access to files and directories isn't sufficient for complex  
> situations.  NTFS ACLs can be tied to users and groups in the AD  
> domain as well as local user/groups, unlike UNIX permissions.

There's only one situation which I have *EVER* run across
which REQUIRED ACL's, and that is the handling of classified
information within the military.

In fact, before the NSA "Orange Book" was published, nobody
ever stated a need for ACL's, or even anything like them.

The fact of the matter is, ACL's are ballyhooed by Microsoft
because they don't offer any alternatives.


> 
> I think the advantage you can get with ACLs on an SMB volume is that  
> they can be tied to an authenticated user.  NFS with normal UNIX  
> groups, on the other hand, are purely based on the numeric value of  
> the local users and groups on the client.  If the user has root on the  

Which is an SMB administration problem.
If I have admin access on a Windows machine, I have the same
ability to read anything as Unix/Linux root access allows.

I know, because I've done it -- it's absolutely required that
the admin user have such ability, or else restoring user files
after Windows self-destructs would be somewhere between
impossible and a horrific nightmare of a task.

> client, they can easily pretend to be whatever user or group they see  
> on the server.  There are ways to secure NFS with Kerberos, but it's  
> rarely used.


> 
> ACLs are pretty useful if you have them.  Unfortunately, I don't think  
> that Windows users really know about them or use them, but it's pretty  
> useful if you're a windows admin.  I know I use AFS ACLs quite often  
> on Linux and Solaris systems, and they're quite powerful.
> 

ACL's are pretty useful when you have nothing else available.
Otherwise, they're highly overrated, because their usefulness
is moderate, and are very labor intensive to administrate in
any sort of data recovery scenario.

This opinion is formed on a foundation of 28 years of experience
in IT, and having used and/or administrated close to a dozen
different operating systems (counting all flavors of Unix
as 1).

More information about the mdlug mailing list