On 27 October 2014 19:10, erik quanstrom <quanstro@quanstro.net> wrote:

> it's not complicated.  permissions work like unix.


It's actually simpler but more powerful: groups are just users with members
instead of a distinct thing; membership of a group is checked
by the relevant file server and not the local kernel; group membership
depends on the user name at the file server, not a separate group ID or
list of current groups; and permission is allowed by the first of owner,
group and other in that order.