(really stupid) Zone file question
Paul Lussier
p.lussier at comcast.net
Fri Nov 4 08:47:00 EST 2005
(Yeah, I know this is from May, but I just got around to this thread now :)
Derek Martin <invalid at pizzashack.org> writes:
> I haven't finished the article yet, but I've read enough to be able to
> provide an example of the above (and point out factual errors in the
> article).
>
> Premise: ACLs are needed, because (in the words of the article), "it's
> still not hard to construct scenarios in which they do not offer
> enough control."
>
> Arguments can be made, but I'll go ahead and strongly disagree with
> that statement. Don't worry, I'll explain why.
[...great explanation and details omitted...]
> Using this method really isn't that tough, but it DOES force you to
> think about how your users are using their data, and organize where it
> lives in the filesystem accordingly. Detractors argue that ACLs are
> better, because they're easier to set up, more flexible, and don't
> require you to think so hard about your data. My argument is that
> Unix permissions are better, for precisely the same reason: they force
> you to work in an organized, logical manner.
The only thing I wish UNIX systems had were hierarchical groups. It
would be really nice to be able to have groups of groups similar to
the way netgroups works. Of course, with a creative use of netgroups
and sudo, you can work around that pretty easily.
--
Seeya,
Paul
More information about the gnhlug-discuss
mailing list