Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!uunet!munnari.oz.au!goanna!minyos!monu6!edp367s From: edp367s@monu6.cc.monash.edu.au (Rik Harris) Newsgroups: comp.unix.internals Subject: Re: non-superuser chown(2)s considered harmful Message-ID: <1990Dec13.155148.10346@monu6.cc.monash.edu.au> Date: 13 Dec 90 15:51:48 GMT References: <110075@convex.convex.com> <18796@rpp386.cactus.org> <3128:Dec1001:47:0490@kramden.acf.nyu.edu> <1990Dec11.101909.10851@kithrup.COM> <556@fciva.FRANKLIN.COM> Organization: Monash University, Caulfield Campus Lines: 30 dag@fciva.FRANKLIN.COM (Daniel A. Graifer) writes: >In article <1990Dec11.101909.10851@kithrup.COM> sef@kithrup.COM (Sean Eric Fagan) writes: >> >>I prefer the control you get from a proper implementation of ACL's. See >>Elxsi's EMBOS for an example. (Normal ACL's, an extension of Unix's rwx >>philosophy, with users and groups; passwords for files [I forget whether >>different users could have different passwords; I think so], and the ability >>to specify that a file can only be accessed using a program from a given >>program list [*neat*; I couldn't think of a normal use for SUID programs >>under embos given that!].) [guardfile stuff deleted] >This is off the subject of unix internals, but Burroughs had a lot of the >elements in place for an 'object-oriented' file system clear back in the >early '70s. If we're going to talk about where we'd like unix to go, there >are previous successful experiances to guide us. Eeek! The reason I love unix so much is because it's simple. Start adding security `features' like this, and things start getting complex. ACL's are nice, but generally groups are sufficient (given a good group managment system, though). Rik. -- Rik Harris - edp367s@monu6.cc.monash.edu.au | Build a system that new address! rik@sola.fcit.monash.edu.au | even a fool can use, Faculty of Computing and Information Technology, | and only a fool will Monash University, Caulfield Campus, Australia | want to use it.