>>>>> "R" == R Joseph Wright <[EMAIL PROTECTED]> writes:
R> Can you create as few or as many of these rules as you like? Yes (in general at least, implementations may have an upper limit on the number of rules allowed). I am not sure I really understand how backwords compatibility with Unix permissions work. My understanding is that Unix permissions are ignored when ACLs are in place for a file, but I may be wrong. (some file-systems, eg AFS don't support unix file permissions at all). R> Also, it looks like there are no group IDs. As for no rules that use group ids, that was just my example ;-) I think groups will always be an important feature of any authorisation control system (which is what we are talking about here), however Unix is currently lacking in this area too (eg groups cannot be nested). I am uncertain here, but think such limitations may be more apparent with large scale LDAP databases. This will open many more cans of worms, I think I had better stop here ;-). -- Brian May <[EMAIL PROTECTED]>