Date: Wed, 18 Jun 1997 06:16:12 -0700 (MST) From: Don Yuniskis <dgy@rtd.com> To: ahd@kew.com (Drew Derbyshire) Cc: hackers@FreeBSD.ORG Subject: Re: granting auth to processes Message-ID: <199706181316.GAA27714@seagull.rtd.com> In-Reply-To: <33a61180.kew-sonata@sonata.uucp.kew.com> from Drew Derbyshire at "Jun 17, 97 00:24:32 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> It's not so much the shared library vs. server which concerns me, but > levels of access granted. If every program didn't need full root access > to change the effective user, it's not as big a problem. > > Consider it's the multiple levels of access needed to a set of files: > > User O can create or delete file > Group A can read/write existing files > Group B can read existing file > Group C can write existing file > Others have no access > > UFS does not allow this in a trivial fashion, because it has a finite > number of permission bits. Likewise I somewhat object to a model which > only has root/noroot as classes of API access, because it leads to the > wrong amount of priv granted. Can you spell MULTICS? --don
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199706181316.GAA27714>