Path: utzoo!attcan!telly!lethe!torsqnt!news-server.csri.toronto.edu!cs.utexas.edu!uunet!mcsun!ukc!dcl-cs!aber-cs!athene!pcg From: pcg@cs.aber.ac.uk (Piercarlo Grandi) Newsgroups: comp.unix.internals Subject: Re: Unix files should have both real and effective ids for files too Message-ID: Date: 19 Dec 90 16:07:07 GMT References: <109958@convex.convex.com> <14526:Dec711:12:5790@kramden.acf.nyu.edu> <1990Dec11.204735.4517@gjetor.geac.COM> Sender: pcg@aber-cs.UUCP Organization: Coleg Prifysgol Cymru Lines: 30 Nntp-Posting-Host: odin In-reply-to: adeboer@gjetor.geac.COM's message of 11 Dec 90 20:47:35 GMT On 11 Dec 90 20:47:35 GMT, adeboer@gjetor.geac.COM (Anthony DeBoer) said: adeboer> In article adeboer> pcg@cs.aber.ac.uk (Piercarlo Grandi) writes: pcg> Note that having real and effective id for files too also solves the pcg> problem of protection and accounting for space for protected subsystems pcg> like Ingres or LPD, which currently have three equally unpalatable pcg> choices: Note that I have written "id" not "uid" -- there would need to be real effective user _and_ group ids. adeboer> There's a fourth choice: give the subsystem a group ID of its adeboer> own. The files in the queue would remain owned by their adeboer> original owner, but the GID would be "lp" or whatever, and the adeboer> permissions 660. This is a fairly common scheme (e.g. month, some mails), and uses the uid for real uid and the gid for effective _u_id. By doing so you lose the gid, as it is used to simulate the effective uid. This can be a problem -- for example on systems I managed accounting was done by gid, with breakdown by uid. On the other hand you do have a point: there is a fourth unpalatable choice which I had forgotten. -- Piercarlo Grandi | ARPA: pcg%uk.ac.aber.cs@nsfnet-relay.ac.uk Dept of CS, UCW Aberystwyth | UUCP: ...!mcsun!ukc!aber-cs!pcg Penglais, Aberystwyth SY23 3BZ, UK | INET: pcg@cs.aber.ac.uk