Does anything in Linux work *well* 1564

On Sat, 5 Mar 2005 23:54:54 -0800, Jim Richardson

Actually, they are. At least on Windows (I don't know how ACL's are implemented under Linux, but I would hope it's similar). ACL's are tied to ID's, and no ID is ever used twice. That means if you add a user to a group, there is *NO POSSIBILITY* that a later user with the same name would ever get access. Groups also use ID's, rather than names.

Simply put, it's impossible for this siituation to exist on a properly implemented ACL system. In this case, UGO isn't really the fault in and of itself, but rather the Unix group system, which abandons the concept of ID for group membership, but uses it for everything else.

No, they can't. If you restore an old SAM file, the group may get restored, but there is no way for a different user of the same name to get access because ACL's are ID based, even for groups.

Clueless, or simply human. If the OS allows a mistake to be made, eventually someone will make it.

As I said in my original statement, my point was not that Linux can't use ACL's. It was the implication that UGO is more secure than ACL's by the person I responded to. I am pointing out ways in which that is simply not true.