Chapter 1 Overview of File Services
Permissions in the Mac OS X Environment—Background
If you’re new to Mac OS X and are not familiar with UNIX, it’s important to know that
there are some differences in the way ownership and permissions are handled
compared to Mac OS 9.
To increase security and reliability, Mac OS X sets many system folders, such as
/Library, to be owned by the root user (literally, a user named “root”). Files and folders
owned by root can’t be changed or deleted by you unless you’re logged in as root. Be
careful—there are few restrictions on what you can do when you log in as root, and
changing system data can cause problems. An alternative to logging in as root is to use
the sudo command.
Note: The Finder calls the root user “system.”
Files and folders are, by default, owned by the user who creates them. After they’re
created, items keep their privileges (combination of ownership and permissions) even
when moved, unless the privileges are explicitly changed by their owners or an
administrator.
Therefore, new files and folders you create are not accessible by client users if they are
created in a folder for which the users don’t have privileges. When setting up share
points, make sure that items allow appropriate access privileges for the users with
whom you want to share them.
Kinds of Permissions
Mac OS X Server supports two kinds of file and folder permissions:
Standard Portable Operating System Interface (POSIX) permissions
Access Control Lists (ACLs)
Standard Portable Operating System Interface (POSIX) permissions let you control
access to files and folders based on three categories of users: Owner, Group, and
Everyone. While these permissions give you adequate control over who can access a
file or a folder, they lack the flexibility and granularity that many organizations require
to deal with elaborate user environments.
This is where ACLs come in handy. An ACL provides an extended set of permissions for
a file or folder and allows you to set multiple users and groups as owners. In addition,
ACLs are compatible with Windows Server 2003 and Windows XP, giving you added
flexibility in a multiplatform environment.
Note: In this guide, the term “privileges” refers to the combination of ownership and
permissions, while the term “permissions” refers just to the permission settings that
each user category can have (Read & Write, Read Only, Write Only, and None).
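
The following shell sketch is an added example, not part of the guide. It reads a POSIX mode with ls -ld, reports it in the guide's terms (Read & Write, Read Only, Write Only, None) for Owner, Group, and Everyone, and shows that a file moved into a more open folder keeps its original settings. The function names and the private/shared folder names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: express POSIX mode bits in the guide's permission terms.

# Map the read/write bits of one rwx triplet to the guide's four settings.
# The third (execute/search) bit is ignored; the guide's labels do not cover it.
label_for() {
    case "$1" in
        rw?) echo "Read & Write" ;;
        r-?) echo "Read Only" ;;
        -w?) echo "Write Only" ;;
        *)   echo "None" ;;
    esac
}

# Print "Owner / Group / Everyone" settings for a path, read from ls -ld.
perm_summary() {
    mode=$(ls -ld "$1" | cut -c1-10)        # e.g. "-rw-r-----"
    o=$(printf '%s' "$mode" | cut -c2-4)    # Owner triplet
    g=$(printf '%s' "$mode" | cut -c5-7)    # Group triplet
    e=$(printf '%s' "$mode" | cut -c8-10)   # Everyone triplet
    echo "$(label_for "$o") / $(label_for "$g") / $(label_for "$e")"
}

# Create a file in a private folder, move it into a more open folder, and
# report its settings after the move. The file keeps its own mode; it does
# not pick up the permissions of the folder it lands in.
moved_item_summary() {
    work=$(mktemp -d) || return 1
    mkdir "$work/private" "$work/shared"
    chmod 700 "$work/private"               # constructed sample folders
    chmod 755 "$work/shared"
    : > "$work/private/report.txt"
    chmod 640 "$work/private/report.txt"
    mv "$work/private/report.txt" "$work/shared/report.txt"
    perm_summary "$work/shared/report.txt"
    rm -rf "$work"
}

# When run directly, show the moved file's settings.
moved_item_summary
```

Running perm_summary on each item in a share point before publishing it shows which items still carry settings from the folder where they were created.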