zar@IAGO.CALTECH.EDU (Dan Zirin) (09/30/87)
I found another "bug": If you have a directory protection set to (RW,RW,R,E) (what I like to do a lot), and you turn on the security alarm for the file_access with BYPASS privilege, you will see the alarms go nuts trying to tell you everyone and their brother is using BYPASS to access data in the directories they don't have Execute privilege on the directory. In reading the manuals regarding protection (many moons ago) I assumed that if a directory has READ access granted, EXECUTE access is implied. This doesn't appear to be the case for security alarms, but it does appear to work in practice. Is it me or do the rest of you feel READ doesn't imply EXECUTE when dealing with directory protections? And even if you disagree with my protection interpretation, why is the F11BXQP (or whatever its called) grant access to directories with the BYPASS privilege under these circumstances. And even if F11BXQP needs BYPASS to access the directory, I'm only interested in user's gaining access with BYPASS, not eXternal Queue Processors (or whatever XQP stands for). Life's a beach isn't it? From The Great Zar