Path: utzoo!utgpu!water!watmath!clyde!att!osu-cis!tut.cis.ohio-state.edu!mailrus!ames!pasteur!agate!ucbvax!YALE.ARPA!long-morrow
From: long-morrow@YALE.ARPA ("H. Morrow Long")
Newsgroups: comp.sys.apollo
Subject: Re: apollo "native ethernet" is too good ???
Message-ID: <8810250140.AA05275@ELI.CS.YALE.EDU>
Date: 25 Oct 88 01:40:04 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: Yale University Computer Science Dept, New Haven CT  06520-2158
Lines: 28

In your article you write:
>From: vskahan%lgnp1%dsinc%vu-vlsi%cbmvax%bpa.uucp@rutgers.edu  (Vince Skahan)
>...
>- there is an inherent trade-off between the idea of transparent access
>from all nodes in all rings to one another and the real world problems
>of different organizations on the same ethernet who need access to
>common Vaxes (with TCP/IP and/or access) but want to protect the heck
>out of everything to keep *their* system under reasonable control.
>...
>Is this reasonable??? The only thing that this doesn;t have is
>organization-organization transparent file transfer (other than ftp).
>...
>I guess the real problem is that the Apollo networks are SO transparent,
>...
	Sounds like you might want to run NFS between your rings,
	mounting each ring in each others global root, this would allow
	ordinary users to 'read' world-readable files and users with accounts
	(userids) on both rings to have owner (rwxd) access to their files on
	the remote ring.

	This would provide somewhat more 'firewalling' of security problems
	between rings (than the Domain filesystem) at the cost of less
	transparency and functionality (currently you can't store - and use -
	many file type objects under Aegis on NFS filesystems).

						H. Morrow Long
						Mgr. of Dev.
						Yale U. CS Dept. Computing Fac.