Organisation-wide uids
Charles Hedrick
hedrick at geneva.rutgers.edu
Fri Apr 7 22:08:38 AEST 1989
In theory secure RPC could be used to avoid having organization-wide
uid's. However it's going to take some work to make that actually happen
(and for non-U.S. customers you'd need to do some hacking to get secure
RPC to work anyway). Currently we do in fact have university-wide uid's.
We have a program that is used to create new users. It talks to a central
server that keeps a global username/uid database. Different departments
can customize the program as they like to fit their environment, but they
at least have to get uid's from the common database. I'm not real
enthusiastic about this, since you can only have 32K of uid's. (There are
security problems with having uid's above 32K under release 4.0.) But so
far we've been able to live with it. We are strongly encouraging Sun to
both
- do the necessary work on tools so that secure RPC can really be
used to decouple different departments' networks. (Also
figure out a way to get it to non-U.S. customers. I
suggest shipping the code from the U.S. with the des
module left out, and letting Sun in Finland supply des.o.)
- expand uid's and gid's to 32 bits (and while they're at
it, user names to 39 characters).
I have no idea how you'd integrate VMS into this. I was hoping that the
VMS implementations would provide some sort of mapping.
More information about the Comp.sys.sun
mailing list