Thanks for pointers received. I should, of course, have mentioned that the
specific aspect I'm having trouble with is the area of default ACL entries
for directories, about which I can find precious little out there on the web.
There are articles at SunWorld Online:
http://www.sunworld.com/sunworldonline/swol-08-1996/swol-08-security.html
http://www.sunworld.com/sunworldonline/swol-06-1998/swol-06-insidesolaris.html
that go as far as anyone goes. The particularly knotty part is that the
implementation of default ACL entries, as far as `what happens when a file is
created' is concerned, changed between 2.6 and 7, it seems. On 2.6 and
earlier, the umask is used in determining initial permissions, but on 7 (and,
presumably, later?) it isn't. This is reflected in a change in the last
paragraph of the `DESCRIPTION' entry on the setfacl(1) manual page. Because
I wasn't being too fussy about which box I tested things out on, I was getting
inconsistent results and I couldn't see why. Now that I _know_ they're
_supposed_ to be different, I can go round again...
Thanks,
Sam.
-- Sam Nelson, Comp Sci, Stirling U, FK9 4LA, Scotland ,->0->M Email: sam@cs.stir.ac.uk Phone: +44 7050 165499 I->3-+->2->R=->-+->4->O Office: +44 1786 467443 Fax: +44 1786 464551 `->1->S=->-' URL: http://www.cs.stir.ac.uk/~sam NS80799622/38m R$+@$+ $@smtp$#$2$:$1@$2
This archive was generated by hypermail 2.1.2 : Fri Sep 28 2001 - 23:13:19 CDT