
Similarly, when a file is chmod'ed, an ACL is built according to the rights granted to user, group and world. The ACL which grants or denies permissions to the owner, group or world is used to build the corresponding Linux owner, group or world permissions as returned by stat() and displayed by the standard command "ls -l".

As a consequence, all security data may be saved by standard Windows tools, whereas standard Linux backup tools store the conversion to Linux rights, thus losing some information, a loss which may be perceived under Windows after restoring.

The Linux rights for owner, group and world to read, write or execute a file are not stored on NTFS but are converted to or from an ACL when Linux sets or retrieves security parameters of a file. In the proposed ntfs-3g extension, only data as defined for NTFS are used.

To define interoperability of access to files for Windows and Linux, two relations have to be established between concepts in both systems: one regarding the users and groups, and another regarding the access rights.

In a further extension, granting or denying rights to multiple individual users or groups is made possible according to the draft definition of POSIX ACLs. In a first level extension, we will only deal with the traditional Linux access rights associated to a single owner, a single group and other users.

The list of rights attached to a file is known as an ACL (Access Control List), and a set of rights defined for a user is known as an ACE (Access Control Entry). In Windows multiple individual or collective users with specific rights may be defined for a file. In some Linux configurations, similar rights can be granted to users and groups which are unrelated to the owner. In Linux, the basic rights to access the file are defined for owner, group and world.

The Windows permissions are more general and some configurations cannot be defined or used in Linux. Anyway, both Linux and Windows associate an owner and a group to files. The same data can be used by Linux on a dual-boot computer to control access to files, but as the underlying concepts are different, approximations have to be made.
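The two conversions described above (mode bits to an ACL on chmod, an ACL back to mode bits for stat()) and the loss of ACEs that name other users can be followed in a small model. This is an added example, not ntfs-3g code: the names ace_t, mode_to_acl and acl_to_mode, the 3-bit rights, the symbolic trustees and the rule used to place deny ACEs are all assumptions made for illustration.

```c
#include <stdio.h>

/* Simplified model (assumption): 3-bit rwx rights and symbolic trustees.
 * Real NTFS ACEs carry SIDs and 32-bit access masks. */
typedef enum { OWNER, GROUP, WORLD, OTHER_USER } trustee_t;
typedef struct { int deny; trustee_t who; unsigned rights; } ace_t;

/* chmod direction: build an ACL (at most 5 ACEs) from the 9 mode bits. */
size_t mode_to_acl(unsigned mode, ace_t acl[5])
{
    unsigned o = (mode >> 6) & 7, g = (mode >> 3) & 7, w = mode & 7;
    size_t n = 0;
    /* Broader ACEs also match narrower classes: deny what they must not get. */
    if ((g | w) & ~o) acl[n++] = (ace_t){1, OWNER, (g | w) & ~o};
    acl[n++] = (ace_t){0, OWNER, o};
    if (w & ~g) acl[n++] = (ace_t){1, GROUP, w & ~g};
    acl[n++] = (ace_t){0, GROUP, g};
    acl[n++] = (ace_t){0, WORLD, w};
    return n;
}

/* Rights of one class: ACEs are read in order, a deny blocks bits not yet
 * granted, an allow grants bits not yet denied. */
static unsigned class_rights(const ace_t *acl, size_t n, trustee_t cls)
{
    unsigned granted = 0, denied = 0;
    for (size_t i = 0; i < n; i++) {
        if (acl[i].who != cls && acl[i].who != WORLD) continue;
        if (acl[i].deny) denied |= acl[i].rights & ~granted;
        else granted |= acl[i].rights & ~denied;
    }
    return granted;
}

/* stat() direction: only owner, group and world reach the mode bits, so
 * an ACE for any other trustee is dropped by the conversion. */
unsigned acl_to_mode(const ace_t *acl, size_t n)
{
    return (class_rights(acl, n, OWNER) << 6) |
           (class_rights(acl, n, GROUP) << 3) | class_rights(acl, n, WORLD);
}
int main(void)
{
    /* Constructed Windows-side ACL with an ACE for a third user. */
    ace_t win[] = { {0, OWNER, 6}, {0, OTHER_USER, 6}, {0, WORLD, 4} }, back[5];
    unsigned mode = acl_to_mode(win, 3);
    printf("mode %03o, %zu ACEs rebuilt\n", mode, mode_to_acl(mode, back));
    return 0;
}
```

The constructed ACL maps to mode 644, and the ACL rebuilt from that mode has three ACEs with no entry for the third user, which is the information a Linux-side backup and restore would lose.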

Each file has an associated owner, a group, and a list of users who are allowed or denied access to the file for some purpose.

NTFS has a native data organisation which Windows uses to control access to files.
