Date: Tue, 14 Oct 1997 12:54:34 -0500 (CDT) From: Aleph One <aleph1@dfw.net> To: Brian Beattie <beattie@stt3.com> Cc: Colman Reilly <careilly@monoid.cs.tcd.ie>, Douglas Carmichael <dcarmich@mcs.com>, freebsd-security@FreeBSD.ORG Subject: Re: C2 Trusted FreeBSD? Message-ID: <Pine.SUN.3.94.971014124854.10817A-100000@dfw.dfw.net> In-Reply-To: <Pine.GSO.3.95.971014074219.1809C-100000@durin>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 14 Oct 1997, Brian Beattie wrote: > Most of the people involved in INFOSEC are absolutely "head over heals" in > love with ACL's, big ACL's. I am not convinced of their utility in the > real world, especially with suplementary groups. If I were designing a B1 > UNIX system I would not change the current access control design. The problem with ACL's is not it's nature but the fact that if you implement them under UNIX nothing knows how to candle them. For example you would need to modify ls to show them, you need to modify cp to copy them, you programs need to be aware of ACL directory inheritance, etc. This is not a problem when you are designing a new OS and people will have to learn the new API (e.g. Windows NT) but if you are trying to maintain compatibility with other unixes or try to port random programs it becomes a pain. HP-UX has had ACLs for quite some time now but not one uses them just because of this. Aleph One / aleph1@dfw.net http://underground.org/ KeyID 1024/948FD6B5 Fingerprint EE C9 E8 AA CB AF 09 61 8C 39 EA 47 A8 6A B8 01
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SUN.3.94.971014124854.10817A-100000>