From owner-freebsd-security  Thu Oct 24 17:37:57 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id RAA06924
          for security-outgoing; Thu, 24 Oct 1996 17:37:57 -0700 (PDT)
Received: from trapdoor.aracnet.com (trapdoor.aracnet.com [204.188.47.1])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id RAA06919
          for <security@FreeBSD.ORG>; Thu, 24 Oct 1996 17:37:55 -0700 (PDT)
Received: from eris.beattie.aracnet.com (ppp-u4.aracnet.com [204.188.47.133]) by trapdoor.aracnet.com (8.7.4/8.6.9) with SMTP id RAA22493; Thu, 24 Oct 1996 17:37:20 -0700
Date: Thu, 24 Oct 1996 17:36:47 -0700 (PDT)
From: Brian Beattie <beattie@aracnet.com>
X-Sender: beattie@eris.beattie.aracnet.com
To: Softweyr LLC <softweyr@xmission.com>
cc: Garrett Wollman <wollman@lcs.mit.edu>, security@FreeBSD.ORG,
        Softweyr LLC <softweyr@xmission.xmission.com>
Subject: Re: Any FreeBSD security topics of interest?
In-Reply-To: <199610242310.RAA01706@xmission.xmission.com>
Message-ID: <Pine.NEB.3.95.961024173111.237A-100000@eris.beattie.aracnet.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

-----BEGIN PGP SIGNED MESSAGE-----

On Thu, 24 Oct 1996, Softweyr LLC wrote:

> 
> The AFS model does show that we can implement more semantics that just
> read, write, and execute however.  The overlaid semantics of rwx and
> sticky on directories could be eliminated by adding a 'delete' privilege
> to the file ACL, like VMS has.
> 
> Lotsa design work to be done on this project, eh?  ;^)
> 
> 

Having implemented ACL's for UNIX and UNIX-like systems twice and
worked with a third, I consider them to be a waste of time and
resources. :-).  I would put more effort into understanding the
weaknesses of systems than in adopting band-aids developed for other
systems.  I think that the UNIX permissions as they stand are
sufficent. 

 
Brian Beattie                   | From an MIT job ad "Applicants must also have 
http://www.aracnet.com/~beattie | extensive knowledge of UNIX, although they
beattie@aracnet.com             | should have sufficently good programming taste
Fax (503)331-8186               | to not consider this an achievement."

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMnALiVQwtztGaITFAQEg8gQAyvJs90bu+7UNPz6O0NWA5aFzOf/EzZMN
Qf5z6bDjKzeP1ALuZiwIqWiniFZsDnzxwbTduMEAnpKCyIMl0jlDeF4d+stXykeX
NGl8CaNcVjRfQQ5T2jSTuWQunbdPiiYlQO2FmgcBvf7JP9QwyxK3XrSkgr7Y3+FH
+eesb1jyQdY=
=LCYg
-----END PGP SIGNATURE-----