on Sat, Jul 28, 2001 at 09:56:34AM -0700, David Freeman scribbled:
> In a deep and meaningful conversation with a list member whom I work with we were discussing the future of computer operating systems. One of the features that it was decided on would be required to really boost *NIX OS's was one from NT (and Netware) which is file access lists. Does anyone know of a way of implementing per USER based access lists for files on *NIX. i.e.
Yes, lots of work is being done on this, several methods exist now, and will be far more accessible in 2.6.x
> file foo.bar can be read by fred and alice, bob has write and read access and Eve has no access.
> As far as I am aware there is no way of doing this easily
It really depends on how you define easily really. Several kernel patches and system reconfigurations exist, and one main one is being worked on for 2.5 and 2.6 to unify the approaches kernel-side.

Working at the moment:

NSA & NAI's SELinux
http://www.nsa.gov/selinux/

Linux Intrusion Detection System
http://www.lids.org/

and to unify these (hopefully) with projects such as SubDomain (by the people who made StackGuard/FormatGuard):

Linux Security Module
http://lsm.immunix.org/
http://lsm.antisoft.com/

The first link is potentially dead since they're relocating the server.