Questions tagged [acl]

An access control list (ACL), with respect to a computer file system, is a list of permissions attached to an object.

An access control list (ACL) specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject and an operation.

When a subject requests an operation on an object in an ACL-based security model the operating system first checks the ACL for an applicable entry to decide whether the requested operation is authorized. A key issue in the definition of any ACL-based security model is determining how access control lists are edited, namely which users and processes are granted ACL-modification access. ACL models may be applied to collections of objects as well as to individual entities within the system hierarchy.

Benefits of ACLs include:

easy to implement
easy to understand
extremely fine-grained: down to the user and the resource

Drawbacks of ACLs include:

too fine-grained and thus too hard to manage. The ACL management is on a per-object level
not context-aware: ACLs do not take time, location, or other attributes into consideration
doesn't scale: ACLs only work on a small set of objects and users.

Other access control models include rbac and abac which aim to address the shortcomings of acl.

More information can be found on Wikipedia's definition of access control lists.

2775 questions

votes

1 answer

Laravel Cartalyst Sentinel - Adding a username column to users table (What is the right way)

I've pulled in cartalyst/sentinel and i've run the migrations required to generate the tables php artisan migrate --package=cartalyst/sentinel I notice that these are the columns available in the users…

php laravel acl cartalyst-sentinel

asked Oct 01 '14 at 02:59

arkhamDev

1,028
1
15
32

votes

2 answers

Does ACL on Linux impact performance

We are planning to implement ACL on our Linux platform. Only one particular group is going to come under ACL. This group would have at the max 20 users. All of the restrictions would be at directory level (not at file name level) Would this show any…

linux performance security acl redhat

asked Mar 02 '10 at 16:05

ring bearer

20,383
7
59
72

votes

2 answers

ACL best practices, store roles in user object, or separate table/collection?

I am using nodejs, and have been researching acl/authorization for the past week. I have found only a couple, but none seem to have all the features I require. The closest has been https://github.com/OptimalBits/node_acl, but I don't think it…

node.js mongodb acl

asked Jan 12 '13 at 17:38

az_

1,493
1
16
24

votes

0 answers

removing an explicit mandatory label using icacls

I was doing some experimentation with integrity levels and icacls on Windows 7. I set mandatory integrity levels, so that I get something that looks like this: C:\Debug>icacls test.exe test.exe Everyone:(I)(RX) …

windows acl explicit integrity levels

asked Oct 30 '12 at 18:10

chut7

votes

1 answer

Symfony2 Group permissions with ACL

Where I work we are designing a webapp in which users may belong to multiple groups and each group has access on a set of resources not known in advanced. Plus, users can enter or leave groups and groups can acquire or lose access to resources, so…

symfony acl fosuserbundle user-permissions

asked Aug 16 '12 at 09:01

mokagio

16,391
3
51
58

votes

2 answers

How to set up network ACL on Amazon Virtual Private Cloud?

I have set up an Amazon Virtual Private Cloud (VPC). Inside the VPC I have 2 networks in which I create instances. For security reasons I want to put some network access control lists (Network ACL) on those networks, besides the machines firewall.…

networking amazon-web-services acl traffic amazon-vpc

asked May 15 '12 at 07:59

dragos.luca

votes

1 answer

Where does Windows store ACLs and do ACLs follow a file from one machine to another?

Our app uses a component that requires a license file in the directory with our executable, which happens to be a .NET WinForms app though I think it is immaterial to this question. When installed on some XP Pro machines (just three out of several…

windows svn permissions installshield acl

asked May 08 '09 at 12:42

flipdoubt

13,897
15
64
96

votes

1 answer

Doctrine 2 proxy classes breaking Symfony2 ACL

When attempting to run findAcl() on an entity with an existing entry in the acl_classes table generated by init:acl I get an AclNotFoundException. Testing with createAcl() on the object in question before calling findAcl() shows a new record in…

doctrine-orm symfony acl proxy-classes

asked Sep 19 '11 at 19:56

Lord_Baine

votes

3 answers

You have requested a non-existent service "security.acl.dbal.connection"

when I run init:acl in symfony2.0 I got this error, anyone knows how to fix it! You have requested a non-existent service "security.acl.dbal.connection"

acl symfony

asked Jul 30 '11 at 09:11

Jayson

2,123
3
19
16

votes

2 answers

Implementing ACL constraints, more than allow/deny

I've developed a small yet effective MVC-style framework for use in an application, and I'm implementing an ACL per-request check. Quick details: PHP 5.3+; MySQL 5.1+; Custom framework, "MVC-like" As of now, the ACL check is simple "deny-if-not…

php model-view-controller permissions constraints acl

asked May 25 '11 at 22:09

Dan Lugg

20,192
19
110
174

votes

4 answers

How should I be implementing my ACL in a web application?

I've been thinking about the web app I'm about to begin developing and wondering whether my usual approach could be improved. In my last few apps I've created a table (see below) of roles (such as CREATE POST, EDIT POST etc.) which each have a…

php acl access-control rights-management

asked Feb 13 '09 at 16:34

Ross

46,186
39
120
173

votes

1 answer

ACL - Implement acl together with passport

I am trying out node_acl with passport-local. When I run my code I cannot secure the route for the admin-user '/admin' and I am redirected to the /login page. Find below my minimum runnable example: require('dotenv').config() const express =…

javascript node.js express acl

asked Nov 24 '17 at 09:26

Carol.Kar

4,581
36
131
264

votes

3 answers

Applying ACL silently failing (sometimes)

I have an application running in multiple servers applying some ACL's. Problem is when more than one server is applying on the same folder structure (i.e. three levels), usually only levels one and three have the ACL's applied, but there's no…

c# file-permissions acl distributed-computing

asked Nov 21 '17 at 12:38

Anderson Pimentel

5,086
2
32
54

votes

2 answers

Applying ACL Permissions using PowerShell Set-Acl

New-Item -Type Directory -Path "C:\MyFolder" $Acl = Get-Acl "C:\MyFolder" $Ar = New-Object System.Security.AccessControl.FileSystemAccessRule("username", "FullControl", "Allow") $Acl.SetAccessRule($Ar) Set-Acl -Path "C:\MyFolder" -AclObject…

powershell acl

asked Mar 24 '17 at 10:43

Royston

votes

3 answers

Kafka TOPIC_AUTHORIZATION_FAILED

I'm actually working on setting up simple Kafka authentication using SASL Plain Text and add ACL authorization. But I have an issue when I try to consume data. [main] INFO org.apache.kafka.common.utils.AppInfoParser - Kafka version : 0.10.0.0 [main]…

apache-kafka acl jaas

asked Oct 22 '16 at 20:23

Maximilien Belinga

3,076
2
25
39

Prev 1 2 3

…

99 100 Next