new user id system idea.
Dave Berry
db at cstvax.UUCP
Thu Jun 27 15:54:41 AEST 1985
In article <382 at sdchema.UUCP> jwp at sdchema.UUCP (John Pierce) writes:
>Addition of a system call to allow "group superusers"
>helped quite a bit [if uid == gid, then that user can work their will with
>that groups files].
I'd like to suggest a slight variation on this.
Make uid's & gid's the same, with groups defined by a special format in
/etc/passwd (analogous to the style of entries in /etc/group).
Then you get your "group superuser" by logging-in (or su-ing) to that user.
Everybody else starts off in their own group - i.e. files they create have
the same uid & gid, restricting permission to themselves in each case.
This would obviously be changeable.
Then when any daemons write files to private spool directories, they change
the gid of these files to the owner, thus giving the owner (& no-one else)
read permission on spooled files. This would be useful if they wanted to
check the contents of files, before removing them or updating them.
--
Dave Berry. CS postgrad, Univ. of Edinburgh
...mcvax!ukc!{hwcs,kcl-cs}!cstvax!db
More information about the Comp.unix.wizards
mailing list