On Saturday, February 12, 2011 09:02 PM, Natxo Asenjo wrote:
> On Sat, Feb 12, 2011 at 3:38 AM, Drew<drew.kay@xxxxxxxxx> wrote:
>>> RHEL and CentOS have much, much tighter basic privilege handling. The
>>> complexity of the NTFS ACL structure, for example, is so frequently
>>> mishandled that it's often ignored and simply dealt with as
>>> "Administrator". The result is privilege escalation chaos.
>>
>> And how is the user-group-world permissions system any better?
>>
>> I work daily with both *nix& NTFS ACL's and given the choice I prefer
>> NTFS' for the finer grained control.
>>
>> You want to create a folder in which user A& B have access to but
>> nobody else? In *nix you create a group that both those users belong
>> to and set the folder to use that group's permissions. In NTFS you set
>> the ACL's so those two users have (almost) full access to the folder.
>> Simple enough.
>
> in unix you can use acls as well. See getacl/setacl. No sweat.
>
> Anyway, neither in windows nor in unix/linux you want to specify
> permissions on a per user level. Always groups. If the user leaves the
> company and the permissions are on a per user level you need to start
> all over again. If on a per group level, just disable/remove the user
> from the group and it keeps working for the rest of members.
And what do you do when you have cases that a user needs access to these
set of files/directories but not all the files/directories the group has
access to?
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
