Linux security

Alan McKinnon alan at linuxholdings.co.za
Sat Apr 29 19:29:19 UTC 2006


On Saturday 29 April 2006 08:40, Michael T. Richter wrote:
> On Sat, 2006-29-04 at 02:30 +0000, William Grant wrote:
> > > I can go right down into the nitty-gritties, in Windows (NT+),
> > > and say "this file is only readable to this one user, only
> > > executable by this one other user, can be write-appended (but
> > > not read) by this group of users and can be read/write accessed
> > > by this other group over here". Nothing in sudo/chroot/et al
> > > gives me anywhere near that level of security control unless I
> > > include an add-on that's subverted by half the utilities out
> > > there.
> >
> > Hmm. I could have sworn that I used such things on my Linux
> > server constantly. Or am I imagining getfacl and setfacl?
>
> Another bolding.  I just downloaded the acl utilities from
> universe. Where's the "write-append" access?  Even with the acl
> extensions in place you still can't match the functionality that is
> in Windows NT-based systems out of the box.

Why do you want that fine level of control? I've yet to see a valid 
case where such fine control on a file system is truly indicated.

I see what you are getting at - being able to allow/disallow specific 
actions on a file-by-file basis. But keep in mind that each new 
combination of facility/control doubles the number of settings, and 
this very quickly gets out of hand and becomes a maintenance 
headache. Witness the number of Windows boxen where the user runs as 
an admin just to get their work done. Yes I know there are ways to 
avoid this, but how many people really do it? Reading between the 
lines I suspect you do, but that'll make you one of a very few that I 
know of to have made that claim.

Very fine-grained control is very useful in a database for example, 
where the data domain being stored is narrowly defined. But in 
something as generic as a file system I don't see it being used much 
outside of very specialized needs. And just because something can be 
done doesn't mean it should be done.

If you want write-append access, ext2 implements an append-only 
attribute.

-- 
If only you and dead people understand hex, 
how many people understand hex?

Alan McKinnon
alan at linuxholdings dot co dot za
+27 82, double three seven, one nine three five
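
Added example, not part of the original message: a small audit script that reports whether files carry the append-only attribute mentioned above (the `a` flag shown by `lsattr`, set with `chattr +a`). It assumes a 64-bit Linux host; the function names are hypothetical. The attribute is a property of the file, not a per-user or per-group permission.

```python
import fcntl
import os
import struct
import sys

# Constants from <linux/fs.h>. The request number below is _IOR('f', 1, long)
# as encoded on 64-bit Linux (assumption: 64-bit host).
FS_IOC_GETFLAGS = 0x80086601
FS_IMMUTABLE_FL = 0x00000010  # 'i' in lsattr output
FS_APPEND_FL = 0x00000020     # 'a' in lsattr output


def decode_flags(flags):
    """Reduce the raw inode flag word to the two bits that restrict writes."""
    return {
        "append_only": bool(flags & FS_APPEND_FL),
        "immutable": bool(flags & FS_IMMUTABLE_FL),
    }


def read_inode_flags(path):
    """Return the inode flag word, or None if it cannot be read
    (file unreadable, or filesystem without attribute support)."""
    try:
        fd = os.open(path, os.O_RDONLY | os.O_NONBLOCK)
    except OSError:
        return None
    try:
        # The kernel fills in a 32-bit int even though the request encodes a long.
        buf = fcntl.ioctl(fd, FS_IOC_GETFLAGS, bytes(8))
        return struct.unpack("I", buf[:4])[0]
    except OSError:
        return None
    finally:
        os.close(fd)


def audit_append_only(paths):
    """Classify each path as 'append-only', 'not-append-only' or 'unknown'."""
    report = {}
    for path in paths:
        flags = read_inode_flags(path)
        if flags is None:
            report[path] = "unknown"
        elif decode_flags(flags)["append_only"]:
            report[path] = "append-only"
        else:
            report[path] = "not-append-only"
    return report


if __name__ == "__main__":
    for path, status in audit_append_only(sys.argv[1:]).items():
        print(f"{status:16} {path}")
```

Run it with the files to check as arguments; "unknown" means the flags could not be read, which is worth investigating rather than treating as a pass.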



