OSF DCE Administration Guide--Core Components
Using Access Control Lists
{group_obj rw}
{other_obj r}
Initial Container ACL (Container A’s Initial Container ACL)
{user_obj crwxid}
{group_obj rw}
{other_obj r}
Initial Object ACL (Container A’s Initial Object ACL)
{user_obj crwxid}
{group_obj r}
{other_obj r}
28.6.3 Effect of Masks When Editing ACLs
If the user specifies a new mask_obj ACL entry, then acl modify uses it. Otherwise,
the acl modify command recalculates the mask, using the algorithm shown in the
following paragraph, unless the user has specified one of the -mask calc, -mask nocalc,
or -purge options. Therefore, the mask can change, granting more or fewer permissions,
on every acl modify command.
Here is the algorithm that the acl modify command uses when calculating the mask:
1. Retrieve the existing ACL of the file.
2. Perform all requests to remove entries and to reduce the permissions of existing
entries.
3. Calculate the union of the actual permissions of all remaining entries.
4. Calculate the union of the effective permissions of all remaining entries.
5. Determine which permissions differ between the actual and effective rights. (This
is the logical XOR of the results of steps 3 and 4.)
6. Perform all requests to add new entries to the ACL and all requests to increase the
permissions of existing entries.
7. Calculate the union of these newly granted permissions and the old effective
permissions (from step 4). This is the candidate new mask value.
8. If there are any permissions in the candidate new mask that are also in the
permissions that differ between the original actual and effective rights (from step
5), applying the candidate new mask would unexpectedly grant some new right
that the user did not intend. Unless the user specified one of the options -mask
calc, -mask nocalc, or -purge, this condition is an error, and the ACL is not
modified. Otherwise, the candidate new mask is applied as the new mask.
For the vast majority of ACL operations, such automatic recalculation is safe. In certain
rare cases, recalculation of the mask can grant additional rights that the user did not
expect: for instance, a permission granted to an entry that the user did not specify and
that was not among the entry’s previous effective rights.
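The following is an added model of the mask recalculation steps and of the unexpected-grant case just described; it is example code, not part of the OSF DCE guide or of dcecp. It assumes that mask_obj limits every entry type except user_obj and other_obj, represents permissions as sets of the characters c, r, w, x, i, d, and models only the -mask calc and -mask nocalc options (not -purge).

```python
# Added model of the acl modify mask recalculation (not OSF/DCE code).
# Assumption: mask_obj limits every entry type except user_obj and other_obj.
UNMASKED = {"user_obj", "other_obj", "mask_obj"}

class MaskError(Exception):
    """Raised when the recalculated mask would grant a right the user did not intend."""

def effective(old_acl, entry, perms):
    """Effective rights of one entry: actual rights ANDed with the old mask_obj."""
    if entry in UNMASKED or "mask_obj" not in old_acl:
        return set(perms)
    return set(perms) & old_acl["mask_obj"]

def acl_modify(acl, remove=(), reduce=None, add=None, mask="check"):
    """Return the modified ACL (entry name -> set of permission chars).
    remove: entries to delete; reduce/add: {entry: perms} to take away/grant.
    mask="check" recalculates with the step-8 safety check (the default),
    "calc" recalculates without it, "nocalc" keeps the existing mask_obj."""
    reduce, add = reduce or {}, add or {}
    new = {e: set(p) for e, p in acl.items()}                        # step 1
    for e in remove:                                                  # step 2
        new.pop(e, None)
    for e, p in reduce.items():
        if e in new:
            new[e] -= set(p)
    masked = [e for e in new if e not in UNMASKED]
    actual = set().union(*(new[e] for e in masked))                   # step 3
    eff = set().union(*(effective(acl, e, new[e]) for e in masked))   # step 4
    differ = actual ^ eff                                             # step 5
    granted = set()
    for e, p in add.items():                                          # step 6
        if e == "mask_obj":                 # a user-supplied mask_obj entry is used as is
            new[e] = set(p)
            continue
        before = new.get(e, set())
        new[e] = before | set(p)
        if e not in UNMASKED:
            granted |= set(p) - before
    if "mask_obj" in add or mask == "nocalc":
        return new
    candidate = granted | eff                                         # step 7
    if mask == "check" and candidate & differ:                        # step 8
        raise MaskError("mask would newly grant " + "".join(sorted(candidate & differ)))
    new["mask_obj"] = candidate
    return new
```

With an ACL whose group_obj entry holds rw behind a mask of r, adding a user entry with rw raises MaskError, because the new mask rw would silently restore w to group_obj; -mask calc applies it anyway and -mask nocalc leaves the mask at r.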
124243 Tandem Computers Incorporated 28-21