Carson Gaspar wrote:
> > We give the right to add a folder to user foo (this user cannot
> > delete anything by default). After that we give the right to create
> > files, and then user foo gains the ability to delete everything.
> > How is that possible?
> > Even when we add another rule like
> > "0:user:foo:delete_child/delete:deny", again it does not work.
> > Could somebody please explain this strange situation?
>
> I can't find any response to this query from last August. I can confirm
> that on a Solaris 10 U3 fully patched server the 'delete_child' ACL is
> being ignored in ZFS. Deletion is only controlled by the 'add_file' ACL.
> I'm fairly certain that this is in violation of the NFSv4 spec, which
> ZFS claims to implement.
>
> The "sticky bit" on a directory is also not reflected in the ACLs output
> by 'ls -dv', although it appears to work as usual. I have a nasty
> suspicion that this is related.

I would suspect you are seeing:

6541829 zfs delete permissions are not working correctly.

That bug is fixed in Nevada, and will be in update 4.

-Mark
_______________________________________________
zfs-discuss mailing list
zfs-discuss@opensolaris.org
http://mail.opensolaris.org/mailman/listinfo/zfs-discuss