[Acl-Devel] Need creative solution to only change ACL by owner problem
Matt McCutchen
hashproduct+acl at gmail.com
Wed Aug 2 00:15:30 CEST 2006
On 7/31/06, Mont Rothstein <mont.rothstein at gmail.com> wrote:
> I just learned that only the owner of a file/directory or root can change
> the ACLs. We need anyone with the correct permissions to be change the ACLs
> so that other users can be granted access.
A few things you might try:
- You could put everyone who is to have access in a group and give the
group access to the files and directories. Then you could set some or
all of the members as group administrators with gpasswd, allowing them
to add new members.
- Use AFS because its ACLs have an "a" permission that governs
changing permissions.
- There's always a way to do these things with setuid programs, but
they're ugly and difficult to make secure.
Matt
More information about the acl-devel
mailing list