TJ,

I would agree with your thoughts.

For what its worth Solaris/Unix systems by default have a limit of 16 groups for
users.

I know Solaris has an additional mechanism called RBAC (Role Based Access
Control) which can be used to go beyond the standard Unix stuff, and also
provide finer-grained access control in this area.

Does anyone know if Linux has a similar mechanism?

Jerry K


TJ Saunders wrote:
>> We are using proftpd for an ftp server on a Linux box. For each directory,
>> I create a group. And I control which directory an ftp user can have
>> access to by putting the user into different groups. But I run across a
>> problem. If a user is put into about 35 groups, he will loss access to all
>> directories after login through FTP. Even though he can 'ls' them, but he
>> can not 'cd' them. The error message is "access denied". Could anybody
>> tell me how to work around it.

>
> This, I believe, is a relevant FAQ:
>
> http://www.proftpd.org/docs/faq/faq_full.html#AEN439
>
> There is a OS limit to the number of groups to which a user can belong;
> there is nothing proftpd can do to work around OS limits like this.
>
> TJ
>


-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=...057&dat=121642
_______________________________________________
ProFTPD Users List
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html