
It effectively makes group ownership meaningless.

027 does a better job of keeping the model while tightening it up - worldly permissions are removed, users and groups are still meaningful.

This is what they're supplementing with ACLs, creating a frustrating problem of discovery by managing groups of users outside of groups.

It's not necessarily wrong, I guess. There may be cases where someone wants this. ACLs are an answer, just not the one I'd suggest.

Why? Imagine 'Bob' leaves. Do you want to remove them from countless ACLs, or one group?

One is probably better off with 027, using groups, and focusing on SELinux or AppArmor. It will permit or deny things based on many things, including user context.

Bonus: it isn't limited to assets on disk. Things like gaining a shell and proxying services can be denied.
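An added example, not part of the comment above: a small experiment that creates a file and a directory under a given umask and reports who ends up with read access. The comparison values 022 and 077 are assumptions chosen for contrast (the comment names only 027), and `stat -c` assumes GNU coreutils or BusyBox.

```shell
#!/usr/bin/env bash
# Constructed experiment: create a file and a directory under a given umask
# and report the resulting modes plus who can read the file.

# has_bit MODE MASK -> success if any bit of octal MASK is set in octal MODE
has_bit() {
    [ $(( 0$1 & 0$2 )) -ne 0 ]
}

# access_under UMASK -> "<file-mode> <dir-mode> group=<yes|no> other=<yes|no>"
access_under() {
    (
        tmp=$(mktemp -d) || exit 1
        umask "$1"
        : > "$tmp/report.txt"      # new files start from 666 & ~umask
        mkdir "$tmp/shared"        # new directories start from 777 & ~umask
        f=$(stat -c '%a' "$tmp/report.txt")
        d=$(stat -c '%a' "$tmp/shared")
        rm -rf "$tmp"
        g=no; o=no
        has_bit "$f" 040 && g=yes  # group read bit
        has_bit "$f" 004 && o=yes  # other (world) read bit
        printf '%s %s group=%s other=%s\n' "$f" "$d" "$g" "$o"
    )
}

# 022 and 077 are assumed comparison points; 027 is the value from the comment.
for u in 022 027 077; do
    printf 'umask %s -> %s\n' "$u" "$(access_under "$u")"
done
```

Under 027 the group keeps read access while world access is gone; under 077 the group bits are empty, so group membership grants nothing on newly created files.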


