Path: utzoo!attcan!utgpu!jarvis.csri.toronto.edu!rutgers!tut.cis.ohio-state.edu!zaphod.mps.ohio-state.edu!wuarchive!psuvax1!schwartz
From: schwartz@psuvax1.cs.psu.edu (Scott Schwartz)
Newsgroups: comp.unix.wizards
Subject: Re: REALLY... What should the password/security/userinfo/login system include?
Message-ID: <1989Dec19.035043.6532@psuvax1.cs.psu.edu>
Date: 19 Dec 89 03:50:43 GMT
References: <4180@sbcs.sunysb.edu> <7348@ficc.uu.net>
Distribution: usa
Organization: Penn State University Computer Science
Lines: 24

In article <7348@ficc.uu.net> peter@ficc.uu.net (Peter da Silva) writes:
>How about:
>	Drastic changes to UNIX file semantics, like ACLs?

Do this.  It is a huge win.  Anyone who has used a system with well
supported ACLs (Pr1mos and Aegis are ones that I have) will agree with
this.  Anyone who objects to this will be required to indicate where
they've used it previously.  Most people I've argued with have never
tried Multics-style acls, and don't know what they are missing.

>	How about file passwords?

As in, supply a passwd to read a file?  Major lossage...don't do this.
Primos had this too, and using it was the best way to have no security
at all.  You wind up with applications that "know" the password so they
can read certain files.  Torture the application a little, and the
password is yours.  If you must use filesystem based techniques for
this kind of thing, setuid applications are whole bunches better, and
more elegant too.  (Note, I didn't say setuid _root_, so calm down
before hitting 'F' :-)

-- 
Scott Schwartz		<schwartz@shire.cs.psu.edu>
"More mips; cheaper mips; never too many." -- John Mashey