On Sat, Jan 11, 2014 at 09:41:19AM +0900, Joel Rees wrote: > But I may be wrong.I don't use ACLs.
This normally sets alarm bells off in my head... > I may be wrong here, but how could ACLs override the native > permissions system randomly without opening tons of new opportunities > for discovering vulnerabilities? You do misunderstand what ACLs are for. Consider the classic UNIX permission model and permitting the apache httpd daemon to read your web documents. Unless the httpd daemon is owner or a member of the group for your web documents, you must set o+r. With ACLS, you can specifically allow the httpd user to read the file(s), but nobody else. -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140114095604.gc20...@bryant.redmars.org
