Xref: utzoo comp.unix.questions:14755 comp.unix.wizards:17171
Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!bbn!drilex!dricejb
From: dricejb@drilex.UUCP (Craig Jackson drilex1)
Newsgroups: comp.unix.questions,comp.unix.wizards
Subject: Re: at files and permissions
Message-ID: <2826@drilex.UUCP>
Date: 7 Jul 89 20:36:16 GMT
References: <1894@cbnewsh.ATT.COM> <669@lzaz.ATT.COM> <8072@bsu-cs.bsu.edu> <4884@ficc.uu.net> <8092@bsu-cs.bsu.edu> <1880@auspex.auspex.com>
Reply-To: dricejb@drilex.UUCP (Craig Jackson drilex1)
Distribution: na
Organization: DRI/McGraw-Hill, Lexington, MA
Lines: 32

In article <1880@auspex.auspex.com> guy@auspex.auspex.com (Guy Harris) writes:
>> I doubt that it will need to.
>
>Considering the BSD file system in S5R4 is intended to have support for
>disk quotas, then yes, it *will* need to permit you to disallow giving
>away files. It will probably be a configuration option.

At the SVR4 BOF at the Baltimore Usenix, the presenters did state that
there would be a configuration option for chown behavior. Evidently, it
will be either a config-time option or a boot-time option, and it will
be system-wide.

I think the chown issue is largely one of usage--at Universities, where
there are a large number of independent users who must be treated as
malicious, quotas are valuable, and disallowing chown is one of the costs
of quotas. At commercial sites, a given file system will be supporting
only a few projects, there is no such thing as academic freedom, and
the boss's opinion of who's hogging the disk will always win. In that
environment, allowing give-away chowns is useful, and there really isn't
much reason not to. (How many commercial sites run with quotas enabled?
On how many file systems?)

What one would really want is some sort of permission matrix. (Mary and
John can chown with each other. Professors can chown with abandon amongst
themselves, but lowly undergraduates cannot chown at all.) Such a thing is
really more complicated than the Unix philosophy normally allows. Perhaps
the quota system could be expanded to handle this. When Unix gets ACLs
(Access Control Lists), it would be nice to fold this sort of thing into
that implementation.
--
Craig Jackson
{bbn,ll-xn,axiom,redsox,atexnet,ka3ovk}!drilex!{dricej,dricejb}
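
The permission matrix suggested in the post above, modelled together with per-owner quota accounting. This is an added example, not part of the original post and not code from any Unix implementation. The user names, classes, quota sizes and the recipient-quota check are assumptions made for illustration.

```python
# Added illustration; every name and number below is constructed.
USER_CLASS = {"mary": "mary+john", "john": "mary+john", "ugrad": "undergrad",
              "prof_a": "professor", "prof_b": "professor"}
# (giver class, receiver class) pairs permitted to give files away.
CHOWN_MATRIX = {("mary+john", "mary+john"), ("professor", "professor")}
QUOTA = {"mary": 100, "john": 100, "prof_a": 500, "prof_b": 500, "ugrad": 50}


class FileSystem:
    def __init__(self):
        self.files = {}  # path -> (owner, blocks)

    def usage(self, user):
        """Blocks charged to user; quota accounting follows file ownership."""
        return sum(b for o, b in self.files.values() if o == user)

    def create(self, path, owner, blocks):
        if self.usage(owner) + blocks > QUOTA[owner]:
            raise PermissionError(f"{owner}: quota exceeded")
        self.files[path] = (owner, blocks)

    def chown(self, path, caller, new_owner):
        """Give-away chown by an unprivileged caller; returns (ok, reason)."""
        owner, blocks = self.files[path]
        if caller != owner:
            return False, "not owner"
        if (USER_CLASS[caller], USER_CLASS[new_owner]) not in CHOWN_MATRIX:
            return False, "matrix denies give-away"
        # Assumption: the recipient's quota is checked at transfer time so a
        # give-away cannot push another user over their limit.
        if self.usage(new_owner) + blocks > QUOTA[new_owner]:
            return False, "recipient quota exceeded"
        self.files[path] = (new_owner, blocks)
        return True, "ok"


def demo():
    fs = FileSystem()
    fs.create("/u/ugrad/big", "ugrad", 50)
    fs.create("/u/mary/data", "mary", 60)
    fs.create("/u/john/data", "john", 30)
    results = [
        fs.chown("/u/ugrad/big", "ugrad", "prof_a"),  # undergrad: denied
        fs.chown("/u/mary/data", "mary", "john"),     # allowed, 30 + 60 <= 100
        fs.chown("/u/mary/data", "mary", "john"),     # mary no longer owns it
    ]
    fs.create("/u/mary/more", "mary", 100)            # mary's charge was freed
    results.append(fs.chown("/u/john/data", "john", "mary"))  # 100 + 30 > 100
    return results, fs.usage("mary"), fs.usage("john")
```

The second transfer in demo() shows why quotas and give-away chown interact: once the file is charged to john, mary can allocate her full quota again.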