Talk:Access control list
|WikiProject Computer Security / Computing||(Rated Start-class, High-importance)|
- 1 Untitled
- 2 Linux and acl?
- 3 Used in legal argument
- 4 'Protection' does not use ACLs to model resource protection
- 5 Text is hard to understand
- 6 OpenVMS
- 7 Inappropriate and Unrelated External link
- 8 lack of disadvantage
- 9 pile of links in the middle of the article
- 10 Pronunciation
- 11 Unintelligible, sloppy language
- 12 Removing alert for originally based
- 13 Example in introduction
Different objects will also need different ACLs, rwx is enough for a file but there will need to be additional administrative privileges, while generalised security ACLs can have fifteen or more privileges set.
This comment appears to be arguing against the use of ACLs, but fails to be very clear nor provide much support for its point. If it is referring to the fact that some objects might have many possible access rights that could be for it, then that problem would not only be shared by capability-based systems, but the goal of making such systems more fine-grained than their ACL-based counterparts would actually make them worse in that regard. If this comment belongs here, could someone rewrite it to be clearer and put it back? Eric22 23:48, 2004 Mar 19 (UTC)
Linux and acl?
SELinux is Mandatory access control, not acl, as far as I know. acl is just implemented - try a modern Linux distribution, mount a ext3 partition with the acl option and open the file properties dialog in KDE 3.5 (ok, that's still beta) - there you will find a standard acl management. --126.96.36.199 03:03, 5 November 2005 (UTC)
Used in legal argument
'Protection' does not use ACLs to model resource protection
ACLs are an abstract way to model and thus discuss the protection of resources in general. This was first done by Butler W. Lampson in his 1971 paper Protection.
That paper doesn't use ACLs for this, it uses the Access Control Matrix model. It only mentions ACLs as one of several possible implementations of models based on access control matrices (and it is not the case that all such models are equivalent in security). I would fix it, but the correct statement doesn't belong in this article at all; it belongs at Access Control Matrix. DavidHopwood 19:29, 22 July 2006 (UTC)
Unless anyone objects, I will remove the whole paragraph. "Authentication in distributed systems: theory and practice" describes a complicated system with role-based and cryptographic extensions, so it does not justify the claim that plain ACLs are maximally general, anyway. DavidHopwood 19:35, 22 July 2006 (UTC)
Text is hard to understand
||This article may be too technical for most readers to understand. (September 2010)|
ACLs, Capablities and Role based security systems are explained in a quite... complicated way from my point of view. They are telling too much for person who knows nothing about them, thought having much information in them. I'd like if one could explain those more clearly for normal person who knows very little about security, maybe illustrate.
- ACLs are not for lay persons. Get over it.
(The preceding comment was not signed by anybody.) I agree with the above comment, and have rewritten the introduction to try to provide a more concrete definition of what an ACL is. Ka-Ping Yee 10:37, 3 January 2007 (UTC)
I agree with earlier comments that this article is too technical, some examples might help. http://deathrow.vistech.net is a public-access OpenVMS system where you can log in and do EDIT/ACL as much as you want. I suspect the OpenVMS implementation of ACLs is as close to the withdrawn POSIX standard as you'll get. I am user DC on the above-mentioned system and would happily show places such as the web server where ACLs control the security. --Brianmc 21:37, 1 February 2007 (UTC)
A user with at least two anonymous IP has been adding the following external link, no matter my removal in one occasion.
This appears to be a case of advertising that goes against the External Links policy and I have therefore Undone the latest change. Should the user in question feel that the link is appropriate and relevant to this page, I'd invite him to post his point of view here, so that it can be properly discussed. Thank you! -- manu3d (talk) 11:14, 15 April 2008 (UTC)
- No worries. That's totally spam.
lack of disadvantage
- What's an artile? Is it on the keyboard near caps lock?
I feel it's important to note how the word is pronounced in the technical register; "ackle". Is it appropriate to add and if so, where? —Preceding unsigned comment added by 188.8.131.52 (talk) 06:49, 7 March 2011 (UTC)
Unintelligible, sloppy language
The section "Filesystem ACLS" contains this statement:
- "Each accessible object contains an identifier to its ACL."
I have no idea what that actually means. What is an "identifier to (an) ACL"? "Identifier" usually denotes a short string, usually of alphabetic characters, that acts as a key in a dictionary look-up, and represents the associated dictionary value in the context where the identifier occurs.
Does the object contain an identifier, that acts as a pointer through a table or dictionary lookup, to the object's ACL? I believe an "accessible object" could be a file. Most file systems allow perfectly random contents to be saved in files, e.g., a string of 20 binary zero bytes. Does this file contain zero bytes, or does it contain identifiers? Or does the author mean that the file system associates each accessible object with such an identifier?
But if so, is not this an arbitrary implementation detail? Which implementation of ACLs use such identifiers? Do all implementations use such identifiers?
It dawns on me that perhaps the author is referring to a technique to save storage space in file systems, where often very many objects have identical ACLs. So instead of storing the actual acl with each object, a shorter data item, a pointer or an identifier, is stored with the object, and the actual acl data is stored separately.
If this is the author's point, the statement should be removed. It has no logical function in that context.
Actually, the whole section should be rewritten. Decide what exactly you assume that your reader already knows (and why: is it a logical assumption?), and then build on that to introduce new ideas gradually.
In view of the space-saving technique of storing identical ACLs just once, you may think of this actual stored acl as something that applies to many files. But file systems that use acls have tools that are built to uphold the illusion that each file or directory or whatever, has a separate acl. For instance, tools to modify the acl of a particular file will not modify the acls of other objects that initially had the same acl. The file in question will be associated with a different acl after the operation. If the new value of the acl happens to be the same as some other existing object is having, then the file in question may be associated with the acl of that existing object. Otherwise a new acl is created and the file is associated with it. But all this space-saving machinery is really not part of the concept of "acl". Explain first what an acl is: An access control list. It identifies one or more users (actors, user accounts) or groups of users, and indicates permissions or privileges (or prohibitions) to grant to the identified users. To make it more meaningful, give examples. Much later you may perhaps discuss the space efficiency issues.Cacadril (talk) 19:40, 26 January 2012 (UTC)
Removing alert for originally based
Removing "This article was originally based on material from the Free On-line Dictionary of Computing and is used with permission under the GFDL": it is Deprecated. See the moment where it was with some significance:
Example in introduction
The introduction to the article contains the following text:
Each entry in a typical ACL specifies a subject and an operation. For instance, if a file has an ACL that contains (Allow, deny), this would give permission to access the file.
From what I think I know of ACLs it seems that an entry contains a user and an operation. If the writer meant that, it could be clearer. More importantly, the pair (Allow, deny) does not seem to be an instance of that rule. Unless the writer meant that it gives user 'Allow' rights to use the operation 'deny', which is a strange, unrepresentative example.