Not logged in
Log in now
Create an account
Subscribe to LWN
LWN.net Weekly Edition for May 23, 2013
An "enum" for Python 3
An unexpected perf feature
LWN.net Weekly Edition for May 16, 2013
A look at the PyPy 2.0 release
Also, the way you assigned rights was simple: take an object (user, group, department, etc.), assign it to a dir with rights, and specify if it's for subdirs as well or only this dir.
And when you didn't have a right on a dir, you didn't even see it. I dislike the Windows approach of seeing a share, and upon click you get the info "no permission". That's just stupid.
Access Control: take them from Novell Netware
Posted Nov 18, 2010 11:09 UTC (Thu) by dgm (subscriber, #49227)
Posted Nov 18, 2010 18:43 UTC (Thu) by jeremiah (subscriber, #1221)
Posted Nov 18, 2010 22:06 UTC (Thu) by zmi (guest, #4829)
Posted Nov 18, 2010 19:05 UTC (Thu) by jeremiah (subscriber, #1221)
you had a file/object, and a list of permissions/security attributes for each object. Object could be a group of objects, but group depth was not a concern. Mutiple applications (controlled by us) could access the permissions, and make decisions based on what they found. If there was a permission that they didn't understand, access was not allowed. This was a situation where we could trust the apps, and not the people. We also took the approach that permissions were subtractive. Everything started as readable/writable and access could only be removed. The nice thing about this was that it was extendable.
This isn't relevant to Novell ACL's just trying to get people's thoughts.
Posted Nov 18, 2010 22:09 UTC (Thu) by zmi (guest, #4829)
Posted Nov 18, 2010 23:41 UTC (Thu) by jeremiah (subscriber, #1221)
Posted Nov 19, 2010 13:19 UTC (Fri) by jeremiah (subscriber, #1221)
I think SELinux is amazingly complete. It allowed us to implement a solution that always requires 2 users, from a group of 3. You throw LUKS, encrypted drives, and removable media into the mix, and you have as close to a bullet proof scenario as possible. On the other hand, I don't want to have to write code that the average admin can't administer without spending a month dealing with a sharp learning curve.
Like a lot of us here I'm a developer, and a system administrator. When I have my development hat on I try to think of the user, and what they have to put up with, while balancing it with security requirements etc. As an administrator, I know I'm willing to tolerate more than most users. The difficult part for me, is defining my target audience, and understanding their abilities and tolerance, and shooting for that. And sometimes the perfect solution, has to be hobbled security wise, or the product won't sell. The only way I've found to begin addressing that is though intelligent defaults, and meaningful dialogs/user interaction.
I am intrigued by the Netware ACL's though, since you seem to have found a happy place when dealing with them as opposed to other permission systems. Thanks for the input.
Posted Nov 21, 2010 0:35 UTC (Sun) by Fowl (subscriber, #65667)
If you don't find a specific ACE allowing you access, you don't have access.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds