Re: Pls discuss its purpose for the followwing command:set security/acl=(option=default)

kismet_1 · ‎06-06-2005

Are there any difference that the command have the option and have not?

Ian Miller. · ‎06-06-2005

an ACE with options=default is used on a identifier ACE on a directory to specify a ACE to be applied to new files created in then the ACE would speccify access to the directory.

____________________
Purely Personal Opinion

Jan van den Ende · ‎06-06-2005

Kismet,

with this command you invoke the second stage of a sequence of security options.

One of the things that can be defined in the security ACLs of directory files, is the clause O=D (short for: OPTIONS=DEFAULT)
This just means, that the options specified are NOT active for this file, but apply to files created IN this directory (nota bene: SPECIFIC protection settings on the creation command takes precedence, and after that, for creating higher versions of existing files, THEIR protection does) the ACL option protection is applied.

Now, if there somehow is or might be a discrepancy, and you want the protection changed to that specified by the ACL of the directory, THEN you use this command, to make the specified file(s) have the protection as specified in the directory ACL

hth,

Proost.

Have one on me.

jpe

Don't rust yours pelled jacker to fine doll missed aches.

kismet_1 · ‎06-06-2005

Thanks very much above two friends !

Joseph Huber_1 · ‎06-06-2005

Just adding some points:
You can have both types on a directory:
the one without the option=default applies to the directory file itself, and specifies for example who can write (create files) in the directory (which could be access=R+W+E).
The default ACE specifies the access rights for the files created in the directory, which could be restricted to Read-only for example.

And if You are going to correct the directory mentioned in Your other thread about sql output: files already existing when You set the ACL on the directory are not affected, You have to set it on all files individually:
$ set acl/acl=(ident=...,access=...) [.mydir]*.*;*

Identifiers in an ACL need not be UICs or usernames:
It can be any identifier with the RESOURCE attribute (in AUTHORIZE created by a command like ADD/IDENT sqluser /attrib=RESOURCE.
You can then grant the identifier to all users which should be able to produce files in the directory, and SET/OWNER=sqluser mydir.DIR .

http://www.mpp.mpg.de/~huber

kismet_1 · ‎06-07-2005

Thanks your adding!

Ian Miller. · ‎06-07-2005

See also SET SECURITY/DEFAULT which can be used, after you have set default acls on directories, to ensure the existing files in a directory have the correct protection.

____________________
Purely Personal Opinion

comarow · ‎06-08-2005

Default should give the same protection to the files in the directories. That's very useful for file ownership and disk quotas.

I haven't done it in a while. Great for shared project directories.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

Re: Pls discuss its purpose for the followwing command:set security/acl=(option=default)

Pls discuss its purpose for the followwing command:set security/acl=(option=default)