Of Permissions and ACL

The more I muck around in the world of users, groups and permissions in Panther Server, the more I miss Mac OS 9. Sure, OS security is great and a unified permissions system that all apps have to respect is handy, but UNIX-style permissions are really limited.

Of course, with HFS+ as our file system, OS-level security is not file-system-level security. If someone can get your drive out of your computer, they can read and write to directories at will. FileVault conquers this issue for user data, but at the cost of some performance and compatibility.

Anyway, back in the OS 9/AppleShare IP days there were still only 3 levels of permissions, like there are in OS X. The critical difference was that a group could own a folder (or directory, in more modern parlance). As such, it was very easy to give one group of people full access and another group read-only access.

In the UNIX world, the solution is to use nested folders. Some enterprising Mac admins have decided that mucking around with user/group IDs is the way to go. Neither solution thrills me.

Tiger Server is supposed to offer Access Control Lists. Other server products have used these in the past and they can offer much greater flexibility than file system permissions, but they come at a price. In Tiger Server, I imagine that the ACLs will be much like WebDAV Realms in Panther Server. You'll give some group that a server daemon is a member of read/write access, and then the daemon will dole access rights out to other services.

This level of abstraction seems to increase complexity a bit and offer more places for security holes to hide.

Here's to hoping it's just bliss.