How to add _www to folder ACL?

AFAIK, you can only modify ACLs with chmod with Apple's supplied tools. There's no Apple-supplied GUI app that does it. BatchMod might be an alternative.

Give TinkerTool System a look. It isn't free, but the ACL tool alone is worth it.

It is an integral part of the OS (as are all command line utilities). But like other potentially dangerous activities it is kept out of plain view so that curious people don't nuke their systems just by casually poking around. If you're not comfortable with unix you shouldn't be setting ACLs.

Well, since there are almost 100,000 different combinations, ACLs can be complicated - and the Terminal is an integral part of the OS. Typically, Apple will provide an easy solution for the simpler stuff and leave the rest to the command line (or third parties), since you can easily damage your system if you don't know what you are doing (just look at the number of posts from people that have mangled the regular POSIX permissions).

I realize that I can chmod anything, but I prefer using a GUI for these types of things, esp when doing a lot of experimentation. Plus, it is easier to see the different permissions available as opposed to using chmod/ls -le.

Then, create your own app. BTW, BatchMod is donationware, so if it's useless don't pay for it.😉

Apple does provide a GUI for adding ACLs via the Finder -> Get Info -> Sharing & Premissions field. It is NOT a full ACL editor, and it will NOT add _www, it does allow adding basic access ACLs for Users listed in the System Preferences -> Users & Groups. And this is not new, as Get Info has been around since before Mac OS X, although back in the Mac OS Classic days, it was just playing with user and group permissions.

Considering the complexity ACLs provide, the Get Info interface is just the approach Apple would take to using ACLs without giving a loaded gun to the the consumers Apple targets their products towards.

One of the fundamental rules of HCI is to not put everything right in the User's face. It's overwhelming, especially if everything includes rarely viewed and even more rarely modified configuration details.

As for Windows, yes their file system security is fully accessible in the GUI - but everything in Windows is in a GUI, even things that should never be in a GUI because of the glaring security vulnerabilities it causes. And yes, there are many things that should never, ever, be GUI accessable.

Back to Apple, however...HCI says to give the most commonly used features of the majority of the people prominace, and give Power Users a way to get to advanced features. Apples choice to do the second bit is the command line. I think that makes a great deal of sense, personally. It's the same reason that not all the functionality of the diskutil utility is exposed in the Disk Utility app.

All on one line:

sudo chmod -R +a "_www allow list,add_file,search,delete,add_subdirectory,delete_child,chown,file_inherit,di rectory_inherit" /Absolute/path/to/the/directory

BobHarris wrote:

Apple does provide a GUI for adding ACLs via the Finder -> Get Info -> Sharing & Premissions field. It is NOT a full ACL editor, and it will NOT add _www, it does allow adding basic access ACLs for Users listed in the System Preferences -> Users & Groups. And this is not new, as Get Info has been around since before Mac OS X, although back in the Mac OS Classic days, it was just playing with user and group permissions.

That doesn't do the trick in Snow Leopard and I don't think in earlier OSs. Didn't check in the iOSified OSs, so I missed that and I'll have to check later when I boot into one of those. 😉

I just added an ACL to a file via Get Info on my Snow Leopard system (10.6.8)

and here is the 'ls' view of that:

/bin/ls -leO@ tmp.tmp
-rw-r--r--+ 1 raharris  staff  - 0 Dec  4 11:48 tmp.tmp
 0: user:testing allow read,readattr,readextattr,readsecurity

And I was able to do the same thing on my Mac mini running Leopard (10.5.8)

How? The only thing I see when clicking on the Privilege line is the various R&W ones. Where or how are ACLs added? That's the part that's missing for me.