Find the answer to your Linux question:
Results 1 to 5 of 5
Does any body know the pros and cons of ACLs Should I install it and configure it? It sounds like it is going to configure my groups and users for ...
  1. 05-27-2010 #1
    xilus
    xilus is offline
    Just Joined!
    Join Date
    Nov 2009
    Posts
    27

    Pros and Cons of ACLs

    Does any body know the pros and cons of ACLs
    Should I install it and configure it?
    It sounds like it is going to configure my groups and users for me, and make a big mess of my /etc/passwd file

    am I wrong?
    Reply With Quote Reply With Quote
  2. 06-02-2010 #2
    raghaven.kumar
    raghaven.kumar is offline
    Linux Newbie raghaven.kumar's Avatar
    Join Date
    Mar 2008
    Location
    Bangalore, India
    Posts
    209
    ACL or Access Control List is used to set more of permissions on a file or folder.
    It is, ofcourse useful, provided you are well versed on setting the permissions using setfacl.
    Advantages
    Reply With Quote Reply With Quote
  3. 06-10-2010 #3
    Rubberman
    Rubberman is online now
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, or in a galaxy far, far away.
    Posts
    8,956
    On Linux, ACL's are part of the SELinux extensions. They can be very useful for sensitive systems with a lot of "curious" users running on them in order to keep things sane. Hoever, configuring SELinux properly is not simple and there are several levels of security you can set it to, depending upon your needs. Read the documentation before you start.

    Also, in case you're curious, SELinux was a collaboration between the United States National Security Agency (NSA), Network Associates, Secure Computing Corporation, Trusted Computer Solutions, and Tresys.
    Quote Originally Posted by Wikipedia
    From NSA Security-enhanced Linux Team:

    "NSA Security-enhanced Linux is a set of patches to the Linux kernel and some utilities to incorporate a strong, flexible mandatory access control (MAC) architecture into the major subsystems of the kernel. It provides an enhanced mechanism to enforce the separation of information based on confidentiality and integrity requirements, which allows threats of tampering and bypassing of application security mechanisms to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications. It includes a set of sample security policy configuration files designed to meet common, general-purpose security goals."
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!
    Reply With Quote Reply With Quote
  4. 06-10-2010 #4
    xilus
    xilus is offline
    Just Joined!
    Join Date
    Nov 2009
    Posts
    27
    thanks for the information.

    Are ACLs a replacement for regular linux permissions?
    Or just an enhancement to regular linux permissions?
    Reply With Quote Reply With Quote
  5. 06-10-2010 #5
    Rubberman
    Rubberman is online now
    Linux Guru Rubberman's Avatar
    Join Date
    Apr 2009
    Location
    I can be found either 40 miles west of Chicago, or in a galaxy far, far away.
    Posts
    8,956
    Quote Originally Posted by xilus View Post
    thanks for the information.

    Are ACLs a replacement for regular linux permissions?
    Or just an enhancement to regular linux permissions?
    Yes.
    Both, actually. Consider regular file permissions to be a subset of ACLs.
    Sometimes, real fast is almost as good as real time.
    Just remember, Semper Gumbi - always be flexible!
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules