tale@pawl.rpi.edu (David C Lawrence) (06/10/89)
In <32063@bu-cs.BU.EDU> bzs@bu-cs.BU.EDU (Barry Shein) and in <2510@gandalf.UUCP> ml@gandalf.UUCP (Marcus Leech) write about UNIX and VMS permission schemes. Looking at it from yet another OS's view, this one strong point I give to MTS (the Michigan Terminal System) which runs on IBM mainframes. With MTS I can always permit my files exactly the way I want to and limit or give as much permission to the file as is my wont. If I just want a particular account to have read access to a file, I can do it and not have to permit the entire project (group) access. If I want a certain programme to be able to access the file, I can permit it so. If I want a whole project to have access, no problem. And I don't have to go around making new groups for people to be in and setting GID or UID permissions; allowing the programme access rather than the project or person is much more secure this way. I love UNIX. I rarely use MTS anymore but for conferencing and occasionally to take advantage of the verboseness of the C87 compiler. There is many a time, however, when I have wished that UNIX had the flexibility of the MTS permission scheme. There are other "grossnesses" to MTS file system structure that I don't think are at all related to how it does permission -- non-hierarchal, very difficult to find things (ie, if you don't know where a file is but you know that it exists, good luck finding it by just bouncing around the system), case-insensitive file names, name length limitations, et cetera, but those are mostly meaningless to this discussion. What is meaningful is how the very flexible permissions are implimented and unfortunately, without being an MTS systems programmer, I don't know how well it could exist in UNIX. From a user's perspective, though, it is right on the money. Dave -- (setq mail '("tale@pawl.rpi.edu" "tale@itsgw.rpi.edu" "tale@rpitsmts.bitnet")) "I realize the Internet isn't the whole world, but it is the center of it." -- Greg Woods
charlie@mica.stat.washington.edu (Charlie Geyer) (06/11/89)
In article <TALE.89Jun9202950@imagine.pawl.rpi.edu> tale@pawl.rpi.edu writes: > With MTS I can always permit my files exactly the way I want to and > limit or give as much permission to the file as is my wont. If I just > want a particular account to have read access to a file, I can do it > and not have to permit the entire project (group) access. If I want a > certain programme to be able to access the file, I can permit it so. > If I want a whole project to have access, no problem. And I don't > have to go around making new groups for people to be in and setting > GID or UID permissions; allowing the programme access rather than the > project or person is much more secure this way. So to change the subject from GNU OS, how DOES one do this in UNIX? If I am writing a paper and I want to allow my coauthor, but not the rest of the world, to edit the file, is there any way to do this without setting up a new group?