Access Control Lists basics
Posted by vtortola on Stack Overflow
Published on 2010-04-15T14:04:41Z
Hi,
I'm gonna add authorization, user and group management to my application; basically, you will be able to define a set of permissions for a concrete user or group. For example, you could specify who can use a concrete resource.
So I want to ensure that my assumptions about ACLs are right:
- A basic rule could be "Grant", "Deny", "NoSet".
- User permissions have priority over group permissions.
- "Deny" statement has priority over "Grant".
For example, user "u1" belongs to group "A", and the resource "X" has this ACL: "u1:grant,A:deny". User "u1" should be able to access the resource, shouldn't it?
If a resource has no ACL set... does it mean that anyone can access it? Should I provide a default ACL?
Any document about ACL in a general way?
Cheers.
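The three rules listed in the question, written out as an evaluator (an added example, not code from the original post). The names `parse_acl` and `is_allowed`, the shared namespace for user and group names, and the deny default when no entry decides are assumptions made for this sketch.

```python
from enum import Enum


class Rule(Enum):
    GRANT = "grant"
    DENY = "deny"
    NOT_SET = "noset"  # spelled as in the question's "NoSet"


def parse_acl(text):
    """Parse 'u1:grant,A:deny' into {principal: Rule}; empty text gives {}.

    Assumption: user and group names share one namespace, as in the
    question's example string.
    """
    acl = {}
    for entry in filter(None, (e.strip() for e in text.split(","))):
        principal, _, rule = entry.partition(":")
        # Rule(...) raises ValueError on an unknown rule word.
        acl[principal.strip()] = Rule(rule.strip().lower())
    return acl


def is_allowed(user, groups, acl, default=False):
    """Evaluate the question's rules in order.

    `default` is returned when nothing in the ACL decides, including a
    resource with no ACL at all (assumption: deny unless stated otherwise).
    """
    # User permissions have priority over group permissions.
    user_rule = acl.get(user, Rule.NOT_SET)
    if user_rule is not Rule.NOT_SET:
        return user_rule is Rule.GRANT
    # Among the user's groups, "Deny" has priority over "Grant".
    group_rules = {acl.get(g, Rule.NOT_SET) for g in groups}
    if Rule.DENY in group_rules:
        return False
    if Rule.GRANT in group_rules:
        return True
    return default


if __name__ == "__main__":
    # Constructed sample: the ACL string from the question.
    acl_x = parse_acl("u1:grant,A:deny")
    print("u1 in A:", is_allowed("u1", ["A"], acl_x))  # user entry decides
    print("u2 in A:", is_allowed("u2", ["A"], acl_x))  # group deny decides
    print("u3, no ACL:", is_allowed("u3", [], parse_acl("")))
```

Passing `default=True` models the "anyone can access a resource with no ACL" alternative the question asks about, so both policies can be compared on the same inputs.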