Remix clone Hacker News

new | show | ask | jobs Github

▲

opello a day ago

> Each of these characters is replaced by the - character to denote that a permission is absent in the ACL entry.

Wouldn't the o::--- default ACL, like mode o-rwx, deny others access in the way you're describing?

▲

112233 18 hours ago | parent [-]

See 6.2.1 of RFC8881, where NFSv4 ACLs are described. They are quite similar to Windows ACLs.

Here is kernel dev telling they are against adding NFSv4 ACL implementation. The relevant RichAcls patch never got merged: https://lkml.org/lkml/2016/3/15/52

	▲	opello 11 hours ago \| parent [-]
		https://www.rfc-editor.org/rfc/rfc8881#section-6.2.1 I see what I misunderstood, even in the presence of an ALLOW entry, a DENY entry would prohibit access. I am familiar with that on the Windows side but haven't really dug into Linux ACLs. The ACCESS CHECK ALGORITHM[1] section of the acl(5) man page was pretty clear, I think. [1] https://man7.org/linux/man-pages/man5/acl.5.html#ACCESS_CHEC...