Path: utzoo!mnetor!uunet!lll-winken!lll-lcc!lll-tis!ames!nrl-cmf!cmcl2!husc6!bbn!uwmcsd1!ig!agate!ucbvax!RCCA.BBN.COM!RMCEWEN
From: RMCEWEN@RCCA.BBN.COM
Newsgroups: comp.os.vms
Subject: RE: rudimentary ACL/Rightslist interface in C for sale: $0.00
Message-ID: <8802100424.AA13960@ucbvax.Berkeley.EDU>
Date: 27 Jan 88 17:12:19 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 36

Todd,

	Yes, you would save me lots of "grief and aggravation" to put
	together a package to manipulate ACLs in a cohesive way.

	I was in the middle of incorporating ACL routines for our
	account generating program.  Some of the problems I've encountered
	that perhaps you may have encountered, (if you are also using
	$SETUAI in your account manipulation scheme) was that $SETUAI
	*does not* "trip" the "Rec Mod" field in the security alarm.
	(SECAUDIT will verify this).  My guess is that $SETUAI is
	modifying the records in a way that AUTHORIZE is not and/or
	the $SETUAI mungs the "Rec Mod" somewhat.


	[I do not have the 'fiche at present...does any knowledgable reader
	have any information on what's not taking place?
	I am running VMS V4.5 soon to be V4.7...( I generally skip
	even numbered versions). No info in the release notes that there were
	any changes after V4.5]

	However, all of the ACL modifying routines, $MOD_IDENT, $REVOKE_ID,
	etc. work the same from the direct system calls or AUTHORIZE in
	terms of setting off the appropiate alarms.

	If you (or any other reader) came across any other obstacles or
	nuances, I'd like to hear from you.

	A copy of your routines would be most appreciated.
	Thanks, in advance.

							-Regis McEwen
							 System Analyst/
							 System Programmer
							 Bolt, Beranek & Newman

-------