File daemons (was: How do I detect who and when A file gets accessed ?)

[Doug Gwyn]

In article <16687 at watdragon.waterloo.edu> jmsellens at watdragon.waterloo.edu (John M. Sellens) writes:
-It occured to me a while ago that you can get most of the benefits
-of ACL's with group memberships.  Write a program or two to create
-new groups when needed, make sure that a user can be in some reasonable
-number of groups, and you get most of what people are interested
-in with existing mechanisms.  Note that you can have an exclusion
-mechanism by sticking the excludee's userids in a group, making the
-file that group, and denying permissions to that group.

This doesn't work, because the group-ID space isn't big enough for
every combination of access rights to have its own group (unless,
that is, your site has only a handful of users).