From: Chris T. <chr...@gm...> - 2012-06-22 22:30:13
|
Hi, There was supposed to be an eXist version of the umask facility implemented to allow an administrator to augment the default permissions. I believe that there are still several aspects of the defaults that are problematic - but they may have been fixed - including the sometimes (always) need to modify top-level /db permissions during installation Chris On Jun 22, 2012, at 10:15 AM, Joe Wicentowski wrote: > Hi Dmitriy, > >> I answer by reading the code at CollectionConfiguration, so my guess that it >> should work or removed from code. > > Interesting, thanks for this info. > >> This was not a way to changing permissions, but way to define permissions for new resources/collections. > > Right, I understand. > >> My question back: do you need this or not? > > Briefly, no. But more verbosely: I took the previous statements as > definitive. I understand that the new system is informed by the Unix > security model, and since I trust that smarter people than I developed > the Unix security model for good reasons, I've adapted to the new > immutable default permissions. > > I've been using the current system in testing and production for > several months. I've learned many methods to set permissions, and I > use them all depending on the situation: I set permissions manually > via the "sm" module (http://exist-db.org/exist/functions/sm), opening > and saving in eXide, the Java admin client, or via ant scripts or > EXPath Repo pre-install.xql scripts. > > That said, it would be nice if there were an easier way to do things. > I recall Adam saying that, "New ACL's will permit inheritance in the > near future, so this would be > the mechanism for replace such use cases." (See this thread - > http://markmail.org/message/mtc3w5xbsmnqg3se.) > > Cheers, > Joe > > ------------------------------------------------------------------------------ > Live Security Virtual Conference > Exclusive live event will cover all the ways today's security and > threat landscape has changed and how IT managers can respond. Discussions > will include endpoint security, mobile security and the latest in malware > threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ > _______________________________________________ > Exist-open mailing list > Exi...@li... > https://lists.sourceforge.net/lists/listinfo/exist-open |