A visual guide to ACL Access-Control Lists

gabriele97@lemmy.g97.top to Linux@lemmy.ml – 599 points –
lemmy.g97.top
48

You are viewing a single comment

Technically, this is also possible by creating extra groups, but this kind of access control presumably exists because the old-school method can be a pain to administer. Choosing group names can also be an "interesting" secondary challenge.

i.e. Dude's not going to be best pleased if they ls -l and see the group on the file is xyzgroup-but-not-dude even if it is with good reason. (Shouldn't have deleted the database, dude.)

I don't really think that that's a realistic goal for ACLs. I mean, getfacl showing the user specifically being excluded probably isn't any more-polite.

In a previous life (in the 90s) I was a un*x sysadmin, and ACL is nightmarish in big company, I hated it and avoided it