Path: utzoo!censor!geac!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!samsung!usc!csun!kithrup!sef
From: sef@kithrup.COM (Sean Eric Fagan)
Newsgroups: comp.unix.internals
Subject: Re: non-superuser chown(2)s considered harmful
Message-ID: <1990Dec11.101909.10851@kithrup.COM>
Date: 11 Dec 90 10:19:09 GMT
References: <110075@convex.convex.com> <18796@rpp386.cactus.org> <3128:Dec1001:47:0490@kramden.acf.nyu.edu>
Organization: Kithrup Enterprises, Ltd.
Lines: 21

In article <3128:Dec1001:47:0490@kramden.acf.nyu.edu> brnstnd@kramden.acf.nyu.edu (Dan Bernstein) writes:
>> However, in a co-operative environment (such as commercial installations)
>> there is quite a bit of file-sharing going on in a very ad hoc fashion.
>I prefer the control you get from a setuid program.

I prefer the control you get from a proper implementation of ACL's.  See
Elxsi's EMBOS for an example.  (Normal ACL's, an extension of Unix's rwx
philosophy, with users and groups; passwords for files [I forget whether
different users could have different passwords; I think so], and the ability
to specify that a file can only be accessed using a program from a given
program list [*neat*; I couldn't think of a normal use for SUID programs
under embos given that!].)

Sadly, when unix goes to ACL's, I suspect I won't see something like Embos.
*sigh*

-- 
Sean Eric Fagan  | "I made the universe, but please don't blame me for it;
sef@kithrup.COM  |  I had a bellyache at the time."
-----------------+           -- The Turtle (Stephen King, _It_)
Any opinions expressed are my own, and generally unpopular with others.