[rsbac] ACLs and Samba

[Michael Bode]

Amon Ott <ao at rsbac.org> writes:

> The reason is that the standard Unix group administration is insecure: It 
> usually only depends on an uncontrolled editing of a file (/etc/group), and 
> the superuser root can assign any group to a process.
> 
> Additionally, the ACL groups can be private or global, each user can have an 
> individual set of them and there is no limit on the number of groups a user 
> can be in at the same time.

So if I would want to migrate a Windows NT fileserver to Linux/Samba I
could roughly simulate the Windows ACLs if I would duplicate the
NT domain groups as ACL groups and grant the access rights to these
groups? 

-- 
PGP Key: http://home.t-online.de/home/michael_bode/downloads/michael_bode.key