[Cryptography] Do capabilities work? Do ACLs work?
Dave Horsfall
dave at horsfall.org
Thu Feb 12 03:08:14 EST 2015
On Wed, 11 Feb 2015, Peter Gutmann wrote:
> Having said that, ACLs are better-suited to expressing most of what
> users want then capabilities. The reason why both Unix and Windows use
> groups and permissions the way they do isn't because of a grand
> anti-capability conspiracy, it's because that's the most
> practical/real-world-applicable way to do it.
I never cease to be astonished that groups are not used more often; one of
my favourite sayings was that if you think you need set-uid, you can
almost certainly use set-gid instead.
--
Dave Horsfall DTM (VK2KFU) "Bliss is a MacBook with a FreeBSD server."
http://www.horsfall.org/spam.html (and check the home page whilst you're there)
More information about the cryptography
mailing list