On Wed, Oct 20, 2004 at 12:38:42AM -0500, Jeff Nelson wrote: > First, VMS is secure because security was designed into the operating > system, not added as an afterthought. For example, the 4-layer ring > design, where the core ring is the most trusted (kernel mode) and the > outer ring least trusted (user mode). Another example: the > specialization of privileges and access control lists. There's just one > privilege (root) with Linux, though access control lists are starting to > appear. What are advantages of ACLs? How do they benefit a medium-sized network? I understand that they are more flexible than the traditional Unix groups approach, but they are also more complex to deal with. I have not seen any good case studies or documentation that explains what problems ACLs solve better than groups. Well-designed Linux distributions have few processes running as root. I realize that there are situations where the extra power of ACLs would come in handy, but most networks don't even make full use of the power of groups. Why should we expect them to use ACLs effectively? Anyway, if anyone has any links to some good information on ACLs, I would appreciate seeing them. I keep hearing about them, but I cannot understand the fascination. -- Jim Crumley |Twin Cities Linux Users Group Mailing List (TCLUG) Ruthless Debian Zealot |http://www.mn-linux.org/ Never laugh at live dragons | _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota Help beta test TCLUG's potential new home: http://plone.mn-linux.org Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list