On Fri, Feb 11, 2011 at 9:38 PM, Drew drew.kay@gmail.com wrote:
RHEL and CentOS have much, much tighter basic privilege handling. The complexity of the NTFS ACL structure, for example, is so frequently mishandled that it's often ignored and simply dealt with as "Administrator". The result is privilege escalation chaos.
And how is the user-group-world permissions system any better?
I work daily with both *nix & NTFS ACLs and given the choice I prefer NTFS' for the finer-grained control.
You want to create a folder in which user A & B have access to but nobody else? In *nix you create a group that both those users belong to and set the folder to use that group's permissions. In NTFS you set the ACLs so those two users have (almost) full access to the folder. Simple enough.
If you *need* that level, you use NTFSv4 ACLs. But the result is often that it gets so complex, so fast, that ever figuring out who ever owned or had access to something in the first place is a nightmare. It slows filesystems, it complicates backups, and it's proven itself fairly dangerous because of the tendency to toss in extraneous access.
Now let's say we want User A to have read only access to that second folder? They're not the owner, and don't belong to the group, so world permissions are your only choice. What if this folder is a confidential folder containing files the CEO & VP should be able to alter but the Admin Assistant needs to be able to pick files from? You really don't want a lowly peon down in shipping seeing the confidential memo now do you?
Yes, it solves some problems. But the complexity and inconsistencies get pretty nasty pretty fast, and I've found the results a nightmare in privilege escalation issues, and the mishandling so very common in basic system configuration files and common software that it's rarely worth the difficulty to resolve.
In NTFS you just add user A to the folder with read only permissions.
Now expand this out to hundreds of folders and watch the *nix groups multiply like rabbits.
Only if you're trying for that fine a grain of control. If you need to handle that fine-grained control, it's not a file system issue, it's a procedural one.
Admittedly a few areas of NTFS ACLs cause some confusion, inheritance and precedence rules among them, but if you take the time to read how they work and play with it before putting it into production it's actually quite easy to work with.
RTFM? :-)
Easy to work with, and way, way, way too common to screw up.
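
Added example, not part of the original thread: a small audit of "who actually has access" for the confidential-folder scenario discussed above, including the extraneous-entry problem raised in the replies. It assumes a Linux filesystem with POSIX ACLs and the text format printed by getfacl, neither of which the thread names; the listing and the user and group names are constructed.

```python
# Constructed getfacl-style listing (hypothetical names): CEO and the exec
# group may alter files, the assistant may read, and a stray entry for
# "shipping" was tossed in at some point.
SAMPLE = """\
# file: confidential
# owner: ceo
# group: exec
user::rw-
user:assistant:r--
user:shipping:rwx
group::rw-
mask::rw-
other::---
"""

def parse_getfacl(text):
    """Return (header metadata, [(tag, qualifier, perms)]) from getfacl text."""
    meta, entries = {}, []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("# ") and ": " in line:
            key, value = line[2:].split(": ", 1)
            meta[key] = value
        elif line and not line.startswith(("#", "default:")):
            line = line.split("#", 1)[0].strip()  # drop "#effective:" notes
            tag, qualifier, perms = line.split(":")
            entries.append((tag, qualifier, perms[:3]))
    return meta, entries

def masked(perms, mask):
    """A permission survives only if the mask grants it too."""
    return "".join(p if p == m else "-" for p, m in zip(perms, mask))

def effective_access(text):
    """Map each subject to the permissions it really gets after masking."""
    meta, entries = parse_getfacl(text)
    mask = next((p for t, _, p in entries if t == "mask"), "rwx")
    report = {}
    for tag, qualifier, perms in entries:
        if tag == "mask":
            continue
        if tag == "user" and not qualifier:
            subject = "user:" + meta.get("owner", "?")  # owner is never masked
        elif tag == "other":
            subject = "other"
        else:  # named users, owning group and named groups are masked
            subject = f"{tag}:{qualifier or meta.get('group', '?')}"
            perms = masked(perms, mask)
        report[subject] = perms
    return report

def extraneous(report, approved):
    """Subjects that hold some permission but are not on the approved list."""
    return sorted(s for s, p in report.items() if p != "---" and s not in approved)
```

Run against the sample with the three intended subjects approved, `extraneous` reports only `user:shipping`, whose `rwx` entry is cut to `rw-` by the mask.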