[comp.unix.wizards] Access permission

tale@pawl.rpi.edu (David C Lawrence) (06/10/89)

In <32063@bu-cs.BU.EDU> bzs@bu-cs.BU.EDU (Barry Shein) and in
<2510@gandalf.UUCP> ml@gandalf.UUCP (Marcus Leech) write about UNIX
and VMS permission schemes.

Looking at it from yet another OS's view, this one strong point I give
to MTS (the Michigan Terminal System) which runs on IBM mainframes.
With MTS I can always permit my files exactly the way I want to and
limit or give as much permission to the file as is my wont.  If I just
want a particular account to have read access to a file, I can do it
and not have to permit the entire project (group) access.  If I want a
certain programme to be able to access the file, I can permit it so.
If I want a whole project to have access, no problem.  And I don't
have to go around making new groups for people to be in and setting
GID or UID permissions; allowing the programme access rather than the
project or person is much more secure this way.

I love UNIX.  I rarely use MTS anymore but for conferencing and
occasionally to take advantage of the verboseness of the C87 compiler.
There is many a time, however, when I have wished that UNIX had the
flexibility of the MTS permission scheme.

There are other "grossnesses" to MTS file system structure that I
don't think are at all related to how it does permission --
non-hierarchal, very difficult to find things (i.e., if you don't know
where a file is but you know that it exists, good luck finding it by
just bouncing around the system), case-insensitive file names, name
length limitations, et cetera, but those are mostly meaningless to
this discussion.  What is meaningful is how the very flexible
permissions are implemented and unfortunately, without being an MTS
systems programmer, I don't know how well it could exist in UNIX.
From a user's perspective, though, it is right on the money.

Dave
--
 (setq mail '("tale@pawl.rpi.edu" "tale@itsgw.rpi.edu" "tale@rpitsmts.bitnet"))
  "I realize the Internet isn't the whole world, but it is the center of it."
                                                        -- Greg Woods

charlie@mica.stat.washington.edu (Charlie Geyer) (06/11/89)

In article <TALE.89Jun9202950@imagine.pawl.rpi.edu> tale@pawl.rpi.edu writes:

> With MTS I can always permit my files exactly the way I want to and
> limit or give as much permission to the file as is my wont.  If I just
> want a particular account to have read access to a file, I can do it
> and not have to permit the entire project (group) access.  If I want a
> certain programme to be able to access the file, I can permit it so.
> If I want a whole project to have access, no problem.  And I don't
> have to go around making new groups for people to be in and setting
> GID or UID permissions; allowing the programme access rather than the
> project or person is much more secure this way.

So to change the subject from GNU OS, how DOES one do this in UNIX?

If I am writing a paper and I want to allow my coauthor, but not the rest
of the world, to edit the file, is there any way to do this without setting
up a new group?
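
The coauthor question above, worked through as an added example that is not part of the original thread: it models the classic UNIX owner/group/other check and searches all 512 modes to show that none lets one group member write while excluding another, then contrasts that with a per-account permit list. The user names, the `Subject` and `PermitList` types, and the "any matching entry grants" rule are assumptions made for illustration, not MTS's actual implementation.

```python
from dataclasses import dataclass, field

R, W = 4, 2  # read / write bits, as in one chmod octal digit

@dataclass(frozen=True)
class Subject:
    user: str
    groups: frozenset = frozenset()
    program: str = ""  # program acting for the user (modelling assumption)

def unix_allows(subj, owner, group, mode, want):
    """Classic UNIX check: exactly one of owner/group/other applies."""
    if subj.user == owner:
        bits = (mode >> 6) & 7
    elif group in subj.groups:
        bits = (mode >> 3) & 7
    else:
        bits = mode & 7
    return bits & want == want

@dataclass
class PermitList:
    """Simplified per-file permit list: any matching entry grants access."""
    owner: str
    entries: list = field(default_factory=list)  # (kind, name, bits)

    def permit(self, kind, name, bits):
        if kind not in ("account", "project", "program"):
            raise ValueError(kind)
        self.entries.append((kind, name, bits))

    def allows(self, subj, want):
        if subj.user == self.owner:  # assumption: owner always has access
            return True
        return any(
            bits & want == want and name in
            {"account": {subj.user}, "project": subj.groups,
             "program": {subj.program}}[kind]
            for kind, name, bits in self.entries)

# Constructed sample: owner, coauthor, and a third user in the same group.
OWNER = Subject("charlie", frozenset({"stat"}))
COAUTHOR = Subject("pat", frozenset({"stat"}))
OTHER = Subject("eve", frozenset({"stat"}))

def modes_separating(a, b, owner="charlie", group="stat"):
    """All modes (of 512) under which a may write but b may not."""
    return [m for m in range(0o1000)
            if unix_allows(a, owner, group, m, W)
            and not unix_allows(b, owner, group, m, W)]
```

With mode bits alone, the only way to separate the two users is to give the coauthor a group membership the other user lacks, which is exactly the "new group" the question hopes to avoid.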