When to use ACLs to control file and directory access

January 12, 2021

Some GLADE users need to share files with others who aren’t in the same UNIX group. Common examples involve sharing files among users in different NCAR labs or universities, and sharing files with short-term visitors, interns, students, or others during a short project period.

CISL recommends using access control lists (ACLs) to provide the necessary permissions as a better solution than creating a special group. ACLs allow you to control access to files and directories outside of traditional UNIX permissions while the UNIX permissions remain in effect.

See Using access control lists for examples of how to create ACLs to allow other individuals and groups to work with your files, how to propagate permissions to new files and directories, and how to remove ACLs when they are no longer needed.