ACLs don't have to be complicated. The Windows ACL implementation has a nice feature of being able to inherit the parent's ACL as a base for the file's ACL.
If every file in the system has this bit set in their ACL, the permissions of the root directory will apply to every file on the system. If you apply an ACL to someone's home directory, those permissions will apply to every file inside it, etc.
This covers much of the ease of use problems with ACLs, since you don't usually need to apply ACLs to many files/directories.
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds