Path: utzoo!utgpu!utstat!jarvis.csri.toronto.edu!rutgers!cs.utexas.edu!uunet!mitel!sce!cognos!dgbt!gandalf!ml
From: ml@gandalf.UUCP (Marcus Leech)
Newsgroups: comp.unix.wizards
Subject: Re: New (GNU) kernels--what I think
Message-ID: <2510@gandalf.UUCP>
Date: 2 Jun 89 22:26:42 GMT
References: <2501@gandalf.UUCP> <13488@swan.ulowell.edu> <32063@bu-cs.BU.EDU>
Organization: Gandalf Data Ltd, Product Development
Lines: 22

In article <32063@bu-cs.BU.EDU>, bzs@bu-cs.BU.EDU (Barry Shein) writes:
> 
> The problem with VMS's privilege bits is that it's just a grab-bag of
> privileges roughly modeled on the system resource categories, but not
> what you might do with access to them. It seems to have basically
> accreted over time with only a little thought to how they might be
> used. The result is that the privilege required to do something
> reasonable (like create a global mailbox for IPC programming) often
> gives you the ability to do something non-obvious and damaging.
Agreed. VMS has been accreted way-too-many bits over time,  I had to
  laugh when we got VMS4.x, and then VMS5.x--more privilege bits than
  anyone can make any reasonable use of.  Let's face it, SYSPRV gets
  you just about anything you want (use it to modify your AUTHORIZED
  privs, and away you go...).  I agree that perhaps a fundamentally new
  model for rights/privilege is required.  Neither the UNIX model, nor
  the VMS model seem to be "right". I'm not sure that a "mind-meld" of the
  two models is right either.
-- 
"Better Living through modern chemistry" PaperMail: 130 Colonnade Rd, Nepean,ON
Marcus Leech                             E-mail:     ml@gandalf.UUCP
Gandalf Data Ltd                         PacketRadio: VE3MDL@VE3JF
"The opinions expressed herein are solely my own" So there