Questions tagged [acl]

An access control list (ACL), with respect to a computer file system, is a list of permissions attached to an object.

An access control list (ACL) specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject and an operation.

When a subject requests an operation on an object in an ACL-based security model, the operating system first checks the ACL for an applicable entry to decide whether the requested operation is authorized. A key issue in the definition of any ACL-based security model is determining how access control lists are edited, namely which users and processes are granted ACL-modification access. ACL models may be applied to collections of objects as well as to individual entities within the system hierarchy.

Benefits of ACLs include:

  • easy to implement
  • easy to understand
  • extremely fine-grained: down to the user and the resource

Drawbacks of ACLs include:

  • too fine-grained and thus too hard to manage: ACL management happens at the per-object level
  • not context-aware: ACLs do not take time, location, or other attributes into consideration
  • doesn't scale: ACLs only work on a small set of objects and users.

Other access control models include and which aim to address the shortcomings of .

More information can be found on Wikipedia's definition of access control lists.

2775 questions
16 votes, 2 answers

Zend Framework: need typical example of ACL

Can someone guide me for typical implementation example of ACL. Like 'admin' can access 'admin' module, 'user' can access 'user module', and guest can access 'open' pages.
Simpanoz
16 votes, 1 answer

Can I add range of ports in netsh add urlacl?

I use the following command to allow listening of specific HTTP ports: netsh http add urlacl url=http://+:[port]/ user=DOMAIN\UserName But if I need to open a range of ports, can I setup a single rule?
Igor Semenov
15 votes, 1 answer

Symfony2: How to find the users that have permissions for a certain domain object?

In our application based on Symfony2 we would like to create a list of which of the users in the system that has permissions for a given domain object. We are using ACL and our immediate instinct was to look in the ACL-object returned from the…
15 votes, 3 answers

Get-ChildItem -force reports "Access Denied" on My Documents folder and other junction points

I have a script that I wrote that replaces files. I pass params to it for the name of the file, and the base location to search from. The worker lines are: $SubLocations = Get-ChildItem -Path $Startlocation -Recurse -include $Filename -Force | …
Kevin_
14 votes, 4 answers

Laravel 5.3 policies how to redirect unauthorized users

I can't find it on the documentation. How to redirect unauthorized user? RolePolicy.php class RolePolicy { use HandlesAuthorization; public function manageRoles(User $user) { return $user->isAdmin(); …
Kris MP
14 votes, 1 answer

db level ACL filtering

I am looking at Spring-security 3.0 for this, spring's ACL filtering happens as post (api call) operation. There are 2 issues with that: it will break paginated query. Even if I take pagination out on layer above the api fetching results (I am…
redzedi
13 votes, 2 answers

Multiple levels of authorization, not only role-based

Our application uses multiple ways for authorizing access to a given resource. Although it's working, it's messy and... well, it doesn't seem right. 1) Role-based authorization We have well defined roles where each role has access to a set of the…
Luiz Damim
13 votes, 2 answers

How can I stop Visual Studio's Web Publish from removing write permissions from my target web site?

I have a web app (actually Orchard CMS) that I am customizing and I want to push directly from my build server to my hosting provider, using Web Publishing aka MSDeploy. The problem is, when I publish the site (from Visual Studio, haven't tried it…
Tim Long
13 votes, 3 answers

How to filter my Doctrine queries with Symfony ACL

Symfony ACL allows me to grant access to an entity, and then check it: if (false === $securityContext->isGranted('EDIT', $comment)) { throw new AccessDeniedException(); } However, if I have thousands of entities in the database and the user has…
Matthieu Napoli
13 votes, 2 answers

Setting a file's ACL to be inherited

I am looking for a way in C# to reset a file's permissions to be inherited from the parent as if the file was created or copied to that directory. I can't seem to find anything on this from a file standpoint (I found a reference or two for…
Jim
12 votes, 2 answers

Best way to manage user/group object permissions with Symfony2

I'd like to hear some thoughts on the best way to optimize our schema to achieve the following. We have a number of objects/db entries (events, venues, etc) some of which have children objects (meaning the same permissions apply - images, metas,…
cyberwombat
12 votes, 1 answer

AWS S3 - ACL vs. CORS configuration vs. bucket/object permissions

It seems that Access Control Lists (ACL), CORS configurations, and the permissions for each bucket and object all come into play when configuring the access settings for S3 buckets/objects. Can someone explain the difference between these and how…
lsimmons
12 votes, 2 answers

When should I use ACL in my application

I am pretty much confused as to when I should implement an ACL (access control list) system in my application though I can easily manage permissions on groups simply by fetching the session group id and restricting the access using the Auth…
Gaurav Sharma
12 votes, 1 answer

Uploading a file to AWS S3 with ACL set to public_read

In my Rails app I save customer RMA shipping labels to an S3 bucket on creation. I just updated to V2 of the aws-sdk gem, and now my code for setting the ACL doesn't work. Code that worked in V1.X: # Saves label to S3 bucket s3 = AWS::S3.new …
bnzelener
12 votes, 3 answers

List all controllers/actions in Cakephp 3

How do I list all the controllers/actions on my site? Configure::listObjects('model') doesn't seem to exist anymore. I am trying to write a function to generate/add to the ACO's in my ACL setup. Thanks.
MjGaiser