[rsbac] ACLs and Samba
Michael Bode
Michael_Bode at t-online.de
Tue Apr 29 18:58:43 MEST 2003
Amon Ott <ao at rsbac.org> writes:
> The reason is that the standard Unix group administration is insecure: It
> usually only depends on an uncontrolled editing of a file (/etc/group), and
> the superuser root can assign any group to a process.
>
> Additionally, the ACL groups can be private or global, each user can have an
> individual set of them and there is no limit on the number of groups a user
> can be in at the same time.
So if I would want to migrate a Windows NT fileserver to Linux/Samba I
could roughly simulate the Windows ACLs if I would duplicate the
NT domain groups as ACL groups and grant the access rights to these
groups?
--
PGP Key: http://home.t-online.de/home/michael_bode/downloads/michael_bode.key
More information about the rsbac
mailing list