Why Are List Folder / Read Data Combined?

From: Will (westes-usc_at_noemail.nospam)
Date: 11/22/05

  • Next message: Stive Luinner: "Rename Application Policy and use same OID"
    Date: Mon, 21 Nov 2005 19:45:02 -0800
    
    

    Why are List Folder and Read Data combined into a single privilege? They
    seem like very distinct things, and I can imagine cases where I would want
    users to be able to see the files inside a folder (List Folder) but I would
    not want them to be able to read data in the files they list. The current
    design of ACLs doesn't let you set a permission in the folder that *new*
    files created in the folder will automatically inherit. Instead it looks
    like you have to set one ACL for the folder and then come and manually set
    permissions for files in the folder. That quickly becomes completely
    unmanageable in a large file tree. You like to have ACLs inherit as much
    as possible.

    -- 
    Will
    

  • Next message: Stive Luinner: "Rename Application Policy and use same OID"