Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Posting-Version: version B 2.10.3 alpha 4/15/85; site sdcc13.UUCP Path: utzoo!linus!philabs!cmcl2!seismo!harvard!think!mit-eddie!genrad!decvax!ittvax!dcdwest!sdcsvax!sdcc3!sdcc13!ee163acp From: ee163acp@sdcc13.UUCP (DARIN JOHNSON) Newsgroups: net.unix-wizards Subject: Re: new user id system idea. Message-ID: <221@sdcc13.UUCP> Date: Wed, 1-May-85 18:25:16 EDT Article-I.D.: sdcc13.221 Posted: Wed May 1 18:25:16 1985 Date-Received: Sat, 4-May-85 08:06:26 EDT References: <6611@ucbvax.ARPA> Organization: U.C. San Diego, Academic Computer Center Lines: 36 In article <6611@ucbvax.ARPA>, wizard%wisdom.bitnet@WISCVM.ARPA writes: > From: Mike Trachtman > > an idea for protection sceme for unix. > > Note: this is not entirely thought out, any comments are welcome. > > It seems to me that having only all or no privledges, > is not quite appropiate for systems that support more than 20 users. > > One would like to give teaching assitants access to make some accounts, > have other users be allowed to do backups, have some users, be allowed > to access certain devices, etc., w/o giving them full su privs. I know of lots of people who hate VMS because it has to many protection modes. On the other hand, lots of people hate UNIX for the lack thereof. I would like to see something in the middle. All of the VMS privileges get kind of huge. (we have jokes about ABLE-TO-COMPILE-ON-TUESDAY privileges being added in a new version) On the other hand, on UNIX, you have to go and give your new system service to the SU to get it running (suid eats up your account). The VMS system we have here has virtually-nil privileges for students. This is annoying when we could use things like mailboxes but aren't allowed to. So if a new system were set up, people would tend to have an all or none approach anyway. For universities, it would seems nice to disallow all but the most basic permissions to introductory classes. For example, when our system got incredibly loaded and a certain command was 'turned off', those of us who didn't overuse it are equally restricted as the hogs. So something more than just owner, group, others would be a nice change. Oh well, enough rambling, off to work. Darin Johnson UCSD