Path: utzoo!utgpu!attcan!uunet!lll-winken!lll-lcc!ames!pasteur!ucbvax!CAEN.ENGIN.UMICH.EDU!frank
From: frank@CAEN.ENGIN.UMICH.EDU (Randy Frank)
Newsgroups: comp.sys.apollo
Subject: Re: why no native unix??
Message-ID: <40b47aa32.000bf2e@caen.engin.umich.edu>
Date: 6 Jan 89 16:47:26 GMT
Sender: daemon@ucbvax.BERKELEY.EDU
Organization: The Internet
Lines: 23

you want an argument for acl's over std unix permissions?

Try running an enviornment with 6000 users.  We'd have to hire a couple
of full time people just to manage traditional unix groups.  Everytime
someone wanted to add or delete someone from a group some "wizard" would
have modify the groups files.  Also, every time you JUST wanted to let one
other person look at a file you'd have to created a group just for that
purpose.  (Come to think of it, aren't GIDs only 16 bits?  Let's see, that would
let each user have about 5 groups on average.  So if you wanted to let 6
different people individually see six different files, you're S.O.L....)

Now, let say you want to let some group of users just read a file, another
group of user read and write a file, and everyone else have no access.  I could
hire a thousand people to manage the group file and they couldn't come up with
a solution to that one.

Of course, I could always implement a "permissions" deamon which you go thru
to get at files which had a facility to allow users to specify complicated
permissions on top of the existing Unix rwx mechanism, but gee, isn't what
I just did to implement an ACL facility on top of unix, and, by gosh, isn't
that exactly what Apollo has done???

Randy