View Full Version : Group Access to Dirs
Quick request for feedback: Should a directory continue to check only the primary group for group permission or should I make it search all groups a user is a member of? Seems like it would be more useful to search them all but normal unix permissions would just do the first. You could of course make the dir a private dir and specify multiple groups but that would hide it completely from unmatched users...
o_dog
04-17-2009, 03:59 AM
you mean if it should search a users primary group only?
I would like to see the same type of private dirs that you have in glftpd actually, i like em, or i might just be used to them.
And it should check all of a users groups.
I'm not familiar with glftpd private dirs. How do they differ from ioFTPD ones which are basically just an access control list like any other permission list (3Z -user =group ...) and if you don't match you don't even get to see the directory name listed?
BTW, 6.10 has some seriously useful features for MV flagged users because the permissions (rwx field) on directories will indicate if the directory has an access control list and you can even see the list returned directly into the listing if you want by having it replace the user or group field by specifying options to LIST/STAT. It will also show you which directories are merged and optionally where. It's going to be really cool.
I tend to agree, I think it should check all groups a user belongs to, but it currently doesn't...
isteana
04-17-2009, 12:01 PM
the private directory must be hide for all users except for user who has arrowed flag and flag of 1,M
o_dog
04-17-2009, 12:17 PM
YiL: can you make an option for listing and stat-l to send out a specified user and groupname for the listed files? in other words an option to hide the ownership from users but at the same time keeping the file permissions intact.
You mean userA/groupA owned file/dir but non-SiteOps should see that as DefaultUser/DefaultGroup? I don't see any problem with allowing that as an option, or even better defining a new user flag so you can turn it on/off per-user, but would you want that everywhere or just in some dirs? Inheritted by new subdirs? I also think it would make a lot of sense for a user to see which files they actually do own so they would see themselves for their files but default for everything else... Any reason the default shown shouldn't be the already defined default user/group info?
Pure GroupAdmins could maybe also see users whose primary group is the same...
o_dog
04-18-2009, 02:40 AM
nah I want an option to turn it on/off completely. A flag is not a good option since you would have to add it to everybody. Better to just have an on/off option. I really mean hidden, for all intent and purpose it should be hidden for EVERYONE.
vBulletin® v3.8.11 Alpha 3, Copyright ©2000-2024, vBulletin Solutions, Inc.