Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!seismo!mcvax!jack
From: jack@mcvax.uucp (Jack Jansen)
Newsgroups: net.micro.68k,net.arch
Subject: Re: SUID Patent
Message-ID: <7094@boring.mcvax.UUCP>
Date: Fri, 3-Oct-86 05:56:01 EDT
Article-I.D.: boring.7094
Posted: Fri Oct  3 05:56:01 1986
Date-Received: Tue, 7-Oct-86 23:17:48 EDT
References: <508@elmgate.UUCP> <64@mit-prep.ARPA> <15665@ucbvax.BERKELEY.EDU> <4794@ukma.uky.csnet> <404@vaxb.calgary.UUCP>
Reply-To: jack@boring.uucp (Jack Jansen)
Organization: AMOEBA project, CWI, Amsterdam
Lines: 26
Keywords: (SUID Patent)
Xref: mnetor net.micro.68k:1357 net.arch:3214
Apparently-To: rnews@mcvax


In article <404@vaxb.calgary.UUCP> radford@calgary.UUCP (Radford Neal) writes:
>In article <4794@ukma.uky.csnet>, david@ukma.uky.csnet (David Herron, NPR Lover) writes:
>
>> hmmmm... I guess the patent office didn't know about JACCT on TOPS-10.
>> 
>
>As far as I can see, the only innovation in UNIX SUID stuff is that the
>priviledges inherited can be those of any user, not just some "super user",
>as determined by file ownership. Personally, I don't this this ought to be 
>enough to justify a patent.

I think the innovation that *anyone* can make a program with special
permissions is an innovation. The methods all the older operating systems
used was always something like giving extra permissions to files living
in a certain directory, or files specified in a certain list, etc.

What this conceptually does is move those programs to a different ring
of security: somewhere in between the kernel and the user. This is totally
different from suid. Also, the features provided by older operating systems
usually gave you a way of completely turning off the protection scheme.
Suid is much cleaner (and safer) in that respect.


-- 
	Jack Jansen, jack@mcvax.UUCP
	The shell is my oyster.