[olug] share a folder rw, but not deletable?

William E. Kempf wekempf at cox.net
Thu Mar 27 14:56:14 UTC 2003


Jay Hannah said:
>
> Brian Wiese wrote:
>> |A user can delete a directory only if they have write permissions to
>> the |directory above the directory in question.
>>
>> Great, this... 'will work' and I can make it happen, thanks!  I'm
>> really starting to realize just how limited a filesystems is without
>> mandatory and discretionary access control lists.  It's just an odd
>> thing to keep in mind (of several I've discovered) difference between
>> Unix and Windows NTFS file systems... where you can give a user
>> "delete" permissions.
>
> Limited? How so? What can't you do? Once you spend a half hour learning
> it, Unixy file permissioning is easy. I've never bothered to care about
> WinX file permissioning. (I am not an MS admin.)

Apply more advanced security.  For example, I administer multiple CVS
repositories for a few development teams.  We would like to have a
repository secured such that: Team A has full access; Other Teams have
read only access; Everyone else has no access.  But Linux security
(without ACLs) doesn't allow this granularity of security, since only a
single user and a single group is allowed access.  (I do know work
arounds, after doing a lot of research, so I'm not asking for help on this
particular security case.  Just pointing out that the standard file
permission scheme used in Linux isn't up to the task.)

Yep... Linux security is pretty easy to deal with.  But with out ACLs it's
not very flexible.

-- 
William E. Kempf




More information about the OLUG mailing list