non-superuser chown(2)s considered harmful
Sean Eric Fagan
sef at kithrup.COM
Tue Dec 11 21:19:09 AEST 1990
In article <3128:Dec1001:47:0490 at kramden.acf.nyu.edu> brnstnd at kramden.acf.nyu.edu (Dan Bernstein) writes:
>> However, in a co-operative environment (such as commercial installations)
>> there is quite a bit of file-sharing going on in a very ad hoc fashion.
>I prefer the control you get from a setuid program.
I prefer the control you get from a proper implementation of ACL's. See
Elxsi's EMBOS for an example. (Normal ACL's, an extension of Unix's rwx
philosophy, with users and groups; passwords for files [I forget whether
different users could have different passwords; I think so], and the ability
to specify that a file can only be accessed using a program from a given
program list [*neat*; I couldn't think of a normal use for SUID programs
under embos given that!].)
Sadly, when unix goes to ACL's, I suspect I won't see something like Embos.
*sigh*
--
Sean Eric Fagan | "I made the universe, but please don't blame me for it;
sef at kithrup.COM | I had a bellyache at the time."
-----------------+ -- The Turtle (Stephen King, _It_)
Any opinions expressed are my own, and generally unpopular with others.
More information about the Comp.unix.internals
mailing list