Access Control List File

The Access Control List File (.www_acl) contains access information for the files in that directory. It is of the following format:

        template: method,method,...: group,user,group,...

template: is a name of a file in that directory (not containing the path). It may contain one wildcard * like any template in WWW server rule file. If there are entries with references to files in other directories they are completely ignored.
method,method,...: is a list of methods allowed.
group,user,group,...: lists the groups and users allowed to execute those methods for files matching the template. Group list can also have IP number templates, and in fact the group definition syntax is exactly as in the group file.

There may be many entries for each file, for example the following is valid:

        * : get,put : ari,tim,robert
        * : get     : group1,group2

Should put imply get?

If an entry for a file is missing, the file is considered to be completely protected from everybody, and it is never served to anybody.

Note 1: If Access Control List File exists it is always consulted, even when there is no protect rule saying so. In other words, an existing ACL file turns protection on (and then there must be a matched defprot rule).

Note 2: If there is a protect rule protecting a directory, but there is no corresponding ACL and there is no Mask-Group definition in the protection setup file, the situation is handled as if ACL was empty (i.e. contains no entries for any files), so access will be forbidden.

AL 12 December 1993