Path: utzoo!attcan!uunet!peregrine!elroy!jplopto!dave
From: dave@jplopto.uucp (Dave Hayes)
Newsgroups: comp.sys.apollo
Subject: DOMAIN/IX Protections
Message-ID: <11489@elroy.Jpl.Nasa.Gov>
Date: 23 Nov 88 00:42:53 GMT
Sender: news@elroy.Jpl.Nasa.Gov
Reply-To: dave@jplopto.UUCP (Dave Hayes)
Organization: Jet Propulsion Lab, Pasadena, CA
Lines: 19

We are running two nodes with 9.7 DOMAIN/IX in a network of 
about 20 workstations. Could some knowledgeable person 
please answer the following questions? 

1) To what degree is "root" a security hole on both systems
(i.e. DOMAIN/IX and Non-DOMAIN/IX)? What access is allowed/disallowed,
does root have locksmith functionality, etc?

2) How is the DOMAIN/IX ACL system different from the standard
one? Are there special hooks for DOMAIN/IX permissions?
                                    
3) Is there a way to change ownership on files in DOMAIN/IX
that have DOMAIN/IX permissions attached WITHOUT being logged
in as "root" or "locksmith"? Are there group permissions?

Thanks in advance for any replies posted or emailed!
------------=====<<<<(Dave Hayes)>>>>=====-------------
          dave%jplopto@jpl-mil.jpl.nasa.gov 
          {cit-vax,ames}!elroy!jplopto!dave