Unix files should have both real and effective ids for files too
Piercarlo Grandi
pcg at cs.aber.ac.uk
Thu Dec 20 03:07:07 AEST 1990
On 11 Dec 90 20:47:35 GMT, adeboer at gjetor.geac.COM (Anthony DeBoer) said:
adeboer> In article <PCG.90Dec10191750 at odin.cs.aber.ac.uk>
adeboer> pcg at cs.aber.ac.uk (Piercarlo Grandi) writes:
pcg> Note that having real and effective id for files too also solves the
pcg> problem of protection and accounting for space for protected subsystems
pcg> like Ingres or LPD, which currently have three equally unpalatable
pcg> choices:
Note that I have written "id" not "uid" -- there would need to be real
effective user _and_ group ids.
adeboer> There's a fourth choice: give the subsystem a group ID of its
adeboer> own. The files in the queue would remain owned by their
adeboer> original owner, but the GID would be "lp" or whatever, and the
adeboer> permissions 660.
This is a fairly common scheme (e.g. month, some mails), and uses the
uid for real uid and the gid for effective _u_id. By doing so you lose
the gid, as it is used to simulate the effective uid. This can be a
problem -- for example on systems I managed accounting was done by gid,
with breakdown by uid.
On the other hand you do have a point: there is a fourth unpalatable
choice which I had forgotten.
--
Piercarlo Grandi | ARPA: pcg%uk.ac.aber.cs at nsfnet-relay.ac.uk
Dept of CS, UCW Aberystwyth | UUCP: ...!mcsun!ukc!aber-cs!pcg
Penglais, Aberystwyth SY23 3BZ, UK | INET: pcg at cs.aber.ac.uk
More information about the Comp.unix.internals
mailing list