non-superuser chown(2)s considered harmful
Rik Harris
edp367s at monu6.cc.monash.edu.au
Fri Dec 14 02:51:48 AEST 1990
dag at fciva.FRANKLIN.COM (Daniel A. Graifer) writes:
>In article <1990Dec11.101909.10851 at kithrup.COM> sef at kithrup.COM (Sean Eric Fagan) writes:
>>
>>I prefer the control you get from a proper implementation of ACL's. See
>>Elxsi's EMBOS for an example. (Normal ACL's, an extension of Unix's rwx
>>philosophy, with users and groups; passwords for files [I forget whether
>>different users could have different passwords; I think so], and the ability
>>to specify that a file can only be accessed using a program from a given
>>program list [*neat*; I couldn't think of a normal use for SUID programs
>>under embos given that!].)
[guardfile stuff deleted]
>This is off the subject of unix internals, but Burroughs had a lot of the
>elements in place for an 'object-oriented' file system clear back in the
>early '70s. If we're going to talk about where we'd like unix to go, there
>are previous successful experiances to guide us.
Eeek! The reason I love unix so much is because it's simple. Start
adding security `features' like this, and things start getting
complex. ACL's are nice, but generally groups are sufficient (given a
good group managment system, though).
Rik.
--
Rik Harris - edp367s at monu6.cc.monash.edu.au | Build a system that
new address! rik at sola.fcit.monash.edu.au | even a fool can use,
Faculty of Computing and Information Technology, | and only a fool will
Monash University, Caulfield Campus, Australia | want to use it.
More information about the Comp.unix.internals
mailing list