Slashdot Mirror


FreeBSD Access Control Lists

BSD Forums writes "The Unix permissions model has worked for decades due to its flexible simplicity. It's not the only approach, though. FreeBSD 5.0 supports Access Control Lists, which allow for more flexible permissions. Daniel Harris explains what ACLs can make easier."

1 of 108 comments

  1. Re:Now correct me if I'm wrong... by nathanh · Score: 5, Insightful
    But Windows NT has had ACLs for some time now. A lot of people have derided the concept. But as far as I can see, they are a complete superset of the Un*x system. It's pretty hard to argue that it's not as good.

    Other operating systems, including UNIX, have had ACLs before Windows NT even existed and the concept was derided then as well. This is not a "Un*x vs Windows" argument. Please don't turn it into one.

    The typical arguments against ACLs are:

    • ACLs add complexity to the filesystem code, making the filesystem slower, buggier, harder to write and more difficult to prove.
    • ACLs add an administrative overhead to the system. In a nutshell, ACLs can get messy very quickly. Very hard to debug certain problems.
    • ACLs can remove rights from accounts that actually need them. Typical problem is removing read-rights from the backup account.
    • ACLs require more complex userspace tools. This makes userspace tools bloated, potentially buggier and harder to use.

    The trick, as with all computing, is to weigh the benefits vs the costs. Sometimes you need ACLs and then it makes sense to introduce the extra complexity. Other times it makes no sense at all, so you dispense with them. For example, there's not much value in ACLs for an embedded UNIX with a single user (e.g., a PDA). There's definitely a lot of value for ACLs with a multiuser UNIX or a UNIX fileserver. You need to decide when it makes sense to have ACLs and when to use UNIX ugo, not make blanket statements about one being better than the other.
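
Added example, not part of the comment above or of FreeBSD's code: a small evaluator for the POSIX.1e access check over getfacl-style text, showing two ways a backup account can silently lose read access and which ACL entry decided the outcome. The file owner `alice:staff`, the non-root account `backup`, its group `operator`, and all three ACLs are constructed for illustration.

```python
R, W, X = 4, 2, 1

def parse_acl(text):
    """Parse getfacl-style 'tag:qualifier:perms' lines; '#' starts a comment."""
    entries = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            tag, qual, perms = line.split(":")
            bits = sum(b for ch, b in zip(perms, (R, W, X)) if ch != "-")
            entries.append((tag, qual, bits))
    return entries

def check(entries, owner, group, user, groups, want=R):
    """POSIX.1e access check for a non-root account: (allowed, deciding entry)."""
    def find(tag, qual=""):
        return next((b for t, q, b in entries if t == tag and q == qual), None)
    mask = find("mask")
    if mask is None:
        mask = R | W | X                      # minimal ACL: nothing is masked
    if user == owner:                         # owner entry is never masked
        return (find("user") & want) == want, "user::"
    named = find("user", user)
    if named is not None:                     # named user beats every group entry
        return (named & mask & want) == want, f"user:{user}"
    hits = [(q, b & mask) for t, q, b in entries
            if t == "group" and (q or group) in groups]
    if not hits:
        return (find("other") & want) == want, "other::"
    for q, b in hits:                         # any one matching group entry may grant
        if (b & want) == want:
            return True, f"group:{q}"
    return False, "group class"

# Constructed ACLs for a file owned by alice:staff (names are assumptions).
# BASE lets group "operator" read; LOCKED and MASKED each break that.
BASE = """\
user::rw-
group::r--
group:operator:r--
mask::r--
other::---
"""
LOCKED = BASE + "user:backup:---\n"               # named entry overrides the group grant
MASKED = BASE.replace("mask::r--", "mask::---")   # e.g. after chmod 600 on the file

def backup_can_read(acl_text):
    return check(parse_acl(acl_text), "alice", "staff", "backup", {"operator"})
```

In `LOCKED` the `group:operator:r--` grant is still present in the listing, yet it is never consulted because the named-user entry is evaluated first; in `MASKED` every entry looks unchanged except the mask.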