[comp.sys.apollo] flames on aegis acls

GBOPOLY1@NUSVM.BITNET (fclim) (12/05/88)

     i refer to my previous comments on aegis acls.  after some
discussion with colleagues, i decided that i don't like the
"additional" acl rights -- p, g, n, c, a, l, s, e, and d.  these may
cause more damage as they confuse users who would then give the wrong
rights.

     i still prefer unix rwx on files and directories but with the
introduction of lists so that users may define their own groups.
as in unix, the file system should keep a record of the owner of
the file or directory; only the user or root (or sys_admin) may be
allowed to chmod the file's permission.  (i.e. only the user or root
has the p rights.)
     the group and other fields in the file permission should be
replaced by a list.  for example,

% ls -l foo
-rw- 1 haha * * foo

says that the file foo is owned by foo.  so only foo and root may
change the rights on foo.

% /com/acl foo
acls on file foo:
haha.%.%.%  rw-
bar.%.%.%   rw-
fubaz.%.%   r--
%.%.%.%     ---

says that haha and bar (and root) may edit the file; fubaz may only read
the file and all others have no rights.  here, fubaz and foo may not be
in the same group and other users in foo's group may be denied access.

as in unix, an 'r' right on a directory means ls may list the directory,
(like an 's' acl right);  a 'w' allows the account to create a file (or
a directory), create a link, and to delete subordinate objects (files,
directories or links);  and an 'x' allows users to search or access files
in that directory.

a hard or soft linked object has the same rights as the original object.

finally, i believe that unix's set-uid bit should be replaced by
the aegis concept of a sub-system as this is much better in terms of
security besides other benefits.


fclim          --- gbopoly1 % nusvm.bitnet @ cunyvm.cuny.edu
computer centre
singapore polytechnic
dover road
singapore 0513.
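
An added illustration, not part of the original post and not Aegis code: a small evaluator for the list-based rwx scheme proposed above, run over the listing quoted in the post. It assumes entries are checked top to bottom with the first match deciding, that '%' matches any value, that a short pattern such as fubaz.%.% is padded with '%', that a subject is four dot-separated fields with the user name first, and that root gets every right; the function names and sample subjects are constructed.

```python
# Added illustration of the list-based rwx scheme the post proposes.
# Assumptions, not from the post: entries are checked top to bottom and the
# first match decides; '%' matches any value; short patterns are padded with
# '%'; a subject is four dot-separated fields with the user name first;
# root is granted every right.

# The listing quoted in the post.
POST_ACL = """\
haha.%.%.%  rw-
bar.%.%.%   rw-
fubaz.%.%   r--
%.%.%.%     ---
"""

FIELDS = 4  # assumed number of fields in a subject identifier


def parse_acl(text):
    """Turn lines like 'haha.%.%.%  rw-' into (pattern_fields, rights) pairs."""
    entries = []
    for line in text.strip().splitlines():
        pattern, rights = line.split()
        fields = pattern.split(".")
        fields += ["%"] * (FIELDS - len(fields))  # pad short patterns
        entries.append((fields, set(rights) - {"-"}))
    return entries


def rights_for(entries, subject):
    """Return the rights of the first entry matching the subject."""
    sid = subject.split(".")
    if len(sid) != FIELDS:
        raise ValueError("subject must have %d fields: %r" % (FIELDS, subject))
    if sid[0] == "root":
        return {"r", "w", "x"}
    for fields, rights in entries:
        if all(p in ("%", s) for p, s in zip(fields, sid)):
            return rights
    return set()  # no matching entry: deny


def may_chmod(owner, subject):
    """Only the recorded owner or root may change the list."""
    return subject.split(".")[0] in (owner, "root")


if __name__ == "__main__":
    acl = parse_acl(POST_ACL)
    for who in ("haha.p.o.n", "fubaz.p.o.n", "guest.p.o.n"):  # constructed
        print(who, sorted(rights_for(acl, who)), may_chmod("haha", who))
```

Under the first-match assumption the catch-all %.%.%.% entry has to stay last; moved to the top it would deny every listed user.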