Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.3 4.3bsd-beta 6/6/85; site ucbvax.BERKELEY.EDU
Path: utzoo!decvax!ucbvax!LLL-ICDC.ARPA!oberman
From: oberman@LLL-ICDC.ARPA ("Oberman, Kevin")
Newsgroups: mod.computers.vax
Subject: RE: VMS: questions about LP11s and file secu
Message-ID: <8608090404.AA18286@ucbvax.Berkeley.EDU>
Date: Fri, 8-Aug-86 11:15:00 EDT
Article-I.D.: ucbvax.8608090404.AA18286
Posted: Fri Aug  8 11:15:00 1986
Date-Received: Sat, 9-Aug-86 10:21:18 EDT
Sender: daemon@ucbvax.BERKELEY.EDU
Reply-To: "Oberman, Kevin" <oberman@lll-icdc>
Organization: The ARPA Internet
Lines: 19
Approved: info-vax@sri-kl.arpa

I have a possible (and maybe reasonable) solution to the problem of cluster
disk security from users in a certain group. (i.e. Students).

The students would be given an identifier (e.g. STUDENT). The MFD on the
disks in question could then be given an ACL prohibiting access by a holder
of the STUDENT identifier. I don't believe there is any way to access the
disk if you can't access the MFD.

A possible ACE for the MFD would be:
$ SET DIRECTORY/ACL=(ID=STUDENT,ACCESS=NONE) disk$name:[000000]

Please be aware that this is just an idea, not something I have tried, so
the syntax may be a bit off.

						Kevin Oberman
						UCLLNL
						ARPA: oberman!lll-icdc.arpa
						(415) 422-6955
------