[OpenAFS] Implicit privilege to do "fs setacl" in a directory
Frederic Gilbert
Frederic.Gilbert@inria.fr
Wed, 24 Jan 2007 17:27:51 +0100
Derrick J Brashear wrote:
>> On the other hand, we found out that one can apply "fs sa" on a
>> directory, even if he is not in the ACL table, and even if he is not the
>> directory's owner, but if he is the owner of the mounting point of the
>> volume where the directory resides.
>
> The latter behavior was always true. the change to the former is new in
> 1.4, i don't remember the rationale but it was discussed on the list.
Thank you for your answer.
I tried to look for the discussion on -info and -devel with some obvious
keywords, but did not found it (I will try my luck again later).
However, unless I missed something again, the files documenting "fs
setacl" in openafs-1.4.{1,2}-doc.tar.gz always speak only about
directory's owner (the three lines in my original post), which is confusing.
Best regards,
Fred.