RE: IFS object authority

["Eyers, Daniel" <daniel.eyers@xxxxxxxxxxxxx>]

Thanks, Roger....  That article does a great job describing the behavior.

What's missing from the IFS implementation is the concept of the umask...  
Basically, it describes the default creation
permissions based on user choice.  In linux (and unix as well....) a created 
object's permissions are based on the user
(that is the creator) the user's primary group (usually the same as the 
creator), with read authority granted to the
world (*PUBLIC). Unlike the instructions in the Knowledge base article, there 
is no need to modify any permissions to
allow group access (at least read only).  Of course, one can set the "sticky 
bit" to inherit the permissions from the
parent. This is all controlled through the umask and can be user configurable.  

Our issue with the IFS is that if one uses FTP to create files, one must resort 
to command line to get the permissions
right; it occurs using shared drives as well.  It's an added step we don't see 
in either Linux or AIX.  

Not sure if we'll ever see the IFS handle this... My guess is the IBM would 
rather have a machine running both Linux and
OS/400 and get the best of both worlds.  It's an option I'd love to explore....

thanks for the info!!!

dan


-----Original Message-----
From: Roger Vicker, CCP [mailto:rvicker@xxxxxxxxxx]
Sent: Monday, June 02, 2003 10:21 PM
To: Java Programming on and around the iSeries / AS400
Subject: Re: IFS object authority


Dan,

Check out the Knowledge Base article 18314911 at:

http://www-912.ibm.com/s_dir/SLKBase.nsf/0/e3dc97d7f1aeaf348625685f005c6263?OpenDocument&ExpandSection=1&Highlight=0,ifs

It helps explain the IFS security and how it is based on Unix. Notice 
that how Owner is handled on new objects is different as of V5R2.

Roger Vicker, CCP