dbfunk@ICAEN.UIOWA.EDU (David B. Funk) (09/20/88)
I would like to clarify my last note: article <8809142353.AA14291@umaxc.weeg.uiowa.edu> The sigp/kill/crp control that is provided at SR10 is a very nice feature. It is based upon the idea of "node ownership". A node can be configured with an optional "node owner" file. If this file is omitted then there is no additional control (much like pre SR10.) If the file exists then the names in it are used to determine who is allowed to signal non-owned processes and crp on to that node. Thus these powers can be restriced to a select node owner or just "root". This is the kind of control that I had in mind for things like SHUT and EX when I said: I am pleased to see that SR10 will provide process ownership and "crp" control. I would like to add my vote to the "shut" control demand. There is one case where such control could be a liability. If, due to some failure, things get hosed badly enough, it might not be possible to log in to any particular account. Then just being able to type in "SHUT" at the login prompt is very nice. One possible answer to this would be to provide a way to substitute a secret command in place of shut. Then the sys_admin (or node owner) could restrict the "SHUT" rights to those knowing the magic word. (Yes this is reaching but in our environment every little bit helps.) Dave Funk Iowa Computer Aided Engineering Network (ICAEN) University of Iowa, Iowa City, IA dbfunk@icaen.uiowa.edu