LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 11-21-2007, 10:56 AM   #1
iggi
LQ Newbie
 
Registered: Nov 2007
Posts: 29

Rep: Reputation: 16
Use of the "effective rights mask"


Hey everyone,

Small question regarding ACLs (access control lists): can you give me some usage scenarios for the "effective rights mask"? It doesn't apply to the "owner" or "other" users but can affect all other users/groups. Why?!
What is so special about "other" users? Ok, I could use it to restrict users afterwards (doesn't seem the right way...!) ... it doesn't look useful at all ???!

Code:
[iggi@localhost ~]$ getfacl file
# file: file
# owner: iggi
# group: iggi
user::rw-
user:bin:rw-                    #effective:r--
user:ftp:rw-                    #effective:r--
group::rw-                      #effective:r--
mask::r--
other::rw-
Quote:
The line mask:r-- is somewhat special: it displays the effective rights mask. This entry limits the effective rights granted to all groups and to named users. (The file owner and others permissions are not affected by the effective rights mask; all other entries are.)
regards, Dirk
 
Old 11-21-2007, 07:34 PM   #2
chrism01
LQ Guru
 
Registered: Aug 2004
Location: Sydney
Distribution: Centos 6.8, Centos 5.10
Posts: 17,241

Rep: Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325Reputation: 2325
Sounds like it's a max rights limit ie stops you (or anyone else) accidentally granting more rights than you wanted to eg named users.
In general, you'd want all rights to yourself, none to others, and then fine-grained rights to a few people (or groups) that you want to share with, but different rights for each.
Unix's ugo => rwx perms std doesn't go that far.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Toward An Effective "Anti-Piracy" Policy LXer Syndicated Linux News 0 09-20-2007 07:00 PM
user rights for harddrives, writing only in "My documents"? Tentacle Linux - General 3 12-02-2005 09:54 AM
Why I don't believe in "Human Rights" as it exists today vharishankar General 44 09-05-2005 07:52 AM
Lost Execution rights of "chmod" arkus Linux - General 2 10-05-2004 10:58 AM
There is none "inet addr:" or "mask:". wuzhong Linux - Networking 2 08-08-2004 07:12 AM


All times are GMT -5. The time now is 05:56 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration