Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!elroy.jpl.nasa.gov!ncar!gatech!prism!gt0178a
From: gt0178a@prism.gatech.EDU (Jim Burns)
Newsgroups: comp.unix.wizards
Subject: ACL lists (was Re: file attributes)
Message-ID: <31710@hydra.gatech.EDU>
Date: 24 Jun 91 10:28:05 GMT
References:
Organization: Georgia Institute of Technology
Lines: 20

in article , bzs@world.std.com (Barry Shein) says:
> One common reason this comes up is to implement access list protection
> (where we store a list of pairs, user/permissions.) This is required
> (or the accepted way to meet standards) by one of the Orange Book
> classifications (B2 I believe.)

I rather liked the IDEA of ACL lists, being first exposed (briefly) to
them in VMS. The one implementation of them I saw, tho', HP-UX 7.0's, had
a flaw that any time you use 'chmod', it wipes out the ACL list. Seems to
me that chmod should just change the base permissions in the ACL list, not
wipe them out. Chmod permissions and ACL permissions should be more
closely integrated, possibly wiping out conflicting ACL requirements, but
not wiping them out altogether.

I hope this practice is NOT 'an accepted way to meet standards', and not
part of POSIX, etc. Any comments?
--
BURNS,JIM (returned student)
Georgia Institute of Technology, 30178 Georgia Tech Station,
Atlanta Georgia, 30332 | Internet: gt0178a@prism.gatech.edu
uucp: ...!{decvax,hplabs,ncar,purdue,rutgers}!gatech!prism!gt0178a