Path: utzoo!attcan!uunet!hi-csc!giebelhaus From: giebelhaus@hi-csc.UUCP (Timothy R. Giebelhaus) Newsgroups: comp.sys.apollo Subject: Re: apollo "native ethernet" is too good ??? Message-ID: <3f407d89.12c4f@hi-csc.UUCP> Date: 24 Oct 88 17:35:00 GMT References: <14@lgnp1.MASA.COM> Reply-To: giebelhaus@hi-csc.UUCP (Timothy R. Giebelhaus) Organization: csdd Lines: 56 In article <14@lgnp1.MASA.COM> vskahan@lgnp1.MASA.COM (Vince Skahan) writes: >[...not necessarily "flame on" but certainly "bitch on"...] > > - apollo says use one master registry but we have very different >organizations with very different ideas and needs for security. >This leads to the need to use more than one master registry. If you are going to use native ethernet, then, yes, it makes sense to use one registry as the definition of native ethernet is to have one file system. If you wish, you can have seperate file systems, though. You can have completely seperate rings with nothing but the "standard" UNIX TCP applications joining the rings. You would have to use rcp or ftp to gain access to files on a remote ring. >- the "canned SIDs" for administrators and system accounts/ppo's results >in a sys_admin in one registry having the same priv's in other registry >rings (internets), making everyone everywhere open to problems created >by well-meaning but rookie admin's (and hypothetically >not-so-well-meaning folks). I'll assume native ethernet here. The trick to this is to have a master administrator who has the root and %.sys_admin account. Then using the extended acls, add other users to have access over exactly the files on exactly the machines they should have access over. For example, say your different rings are "sales", "r_d", "marketing", and "finance". You give a user on the sales ring the account user.admin.sales and acl either all the files in the sales ring so that %.admin.sales has access or just some files so that %.admin.sales has access. In the SR10 registry system, you can divide the registry reponsibilities also. Perhaps you will want user.admin.sales to only have access to %.%.sales accounts. There will be a paper on the SR10 registry system at the next USENIX. Granted, however, that there are some things that the user.admin.sales user will not be able to do without help from the root user (such as set the sticky bit on a root owned program). It is my belief that the system outlined above is in general much more flexible, more secure, and easier to administrate for more applications than not using the native ethernet. For example, say someone in sales wanted to make a file availble to the people in marketing also. The people in marketing could have transparent access to it as soon as the person in sales gave them access. No networking commands need be learned by the users. If you have more questions about this, please feel free to mail them to me. -- UUCP: uunet!hi-csc!giebelhaus UUCP: tim@apollo.uucp ARPA: hi-csc!giebelhaus@umn-cs.arpa ARPA: tim@apollo.com Tim Giebelhaus, Apollo Computer, Regional Software Support Specialist. My comments and opinions have nothing to do with work.