Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!mcnc!gatech!bloom-beacon!think!ames!lll-tis!elxsi!capra!nick
From: nick@capra..UUCP (Nick Whyte)
Newsgroups: comp.misc
Subject: Re: access-lists vs. unix permissions
Message-ID: <457@elxsi.UUCP>
Date: Fri, 17-Jul-87 22:35:53 EDT
Article-I.D.: elxsi.457
Posted: Fri Jul 17 22:35:53 1987
Date-Received: Sat, 18-Jul-87 18:39:30 EDT
References: <1334@ssc-vax.UUCP> <1144@bloom-beacon.MIT.EDU>
Sender: nobody@elxsi.UUCP
Reply-To: nick@capra.UUCP (Nick Whyte)
Organization: ELXSI Super Computers, San Jose
Lines: 33
Keywords: security

In article <1144@bloom-beacon.MIT.EDU> langz@athena.mit.edu (Lang Zerner) writes:
>In article <1334@ssc-vax.UUCP> herber@ssc-vax.UUCP (David A Wilson) writes:
...
>>	The issue I would like to discuss is why are access-lists considered
>>more secure than unix-style owner/group/other permission (as the specification
>>seems to apply)? Are there any studies that show this? I can see no reason
...
>group for every file in the system.  To implement file access lists using the
>permissions system, all that would be necessary would be to have each file have
>its own entry in /etc/group, along with the appropriate permissions.  For
...

This would only allow one permission matrix for anyone besides owner and world.
With access lists you can grant different permissions to different groups.
EMBOS (Elxsi's proprietary OS) has a powerful access list scheme which
includes passwords (as a fake group) to qualify for different access rights,
and program lists, where some groups are required to be running one of the
specified programs to acquire the specified access.  The down side is that the
complexity of the security mechanism is difficult for naive users to
understand.  We have added simple security commands to provide basic
"Do what I mean" functions, but this does not prevent them from using
the full feature commands as an experiment and getting bizarre security
behavior (to them).  The higher probability of creating wrong security
matrices could be interpreted as an increased security risk, though the
system administrator could build some fire walls around different
"groups" of users.


-- Nick Whyte   {ucbvax|ihnp4|seismo}!sun!elxsi!nick
   Elxsi

Disclaimer: I don't know if Elxsi agrees with what I said since
  I didn't bother to ask anyone.
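
Added example (not part of the original post, and not EMBOS code): a small Python model of the limitation discussed above. It assumes the per-file /etc/group trick from the quoted article, so the group class may hold any set of users; all user names, group names and rights are constructed.

```python
# Constructed sample data: users, groups and rights are illustrative only.
GROUPS_OF = {
    "owen": {"owen"}, "alice": {"dev"}, "bob": {"qa"}, "dave": set(),
}
ACL_TWO_GROUPS = [("owen", {"r", "w"}), ("dev", {"r", "w"}), ("qa", {"r"})]
ACL_ONE_GROUP = [("owen", {"r", "w"}), ("dev", {"r"})]


def matrix_from_acl(acl, groups_of):
    """Effective rights per user: union of every ACL entry whose group matches."""
    return {
        user: frozenset().union(*(r for g, r in acl if g in groups))
        for user, groups in groups_of.items()
    }


def unix_encoding(desired, owner):
    """Try to express a per-user rights matrix with owner/group/other bits.

    desired maps every user on the system to a frozenset of rights.
    Returns (owner_rights, group_members, group_rights, other_rights),
    or None when the matrix needs more classes than owner/group/other.
    """
    rest = {u: r for u, r in desired.items() if u != owner}
    distinct = sorted(set(rest.values()), key=lambda r: (len(r), sorted(r)))
    if len(distinct) > 2:
        return None  # besides the owner there are only two classes
    other_rights = distinct[0] if distinct else frozenset()
    group_rights = distinct[-1] if distinct else frozenset()
    # With a single rights set everyone falls into "other"; the group is empty.
    members = {u for u, r in rest.items()
               if len(distinct) == 2 and r == group_rights}
    return desired[owner], members, group_rights, other_rights


if __name__ == "__main__":
    for name, acl in (("one group", ACL_ONE_GROUP),
                      ("two groups", ACL_TWO_GROUPS)):
        result = unix_encoding(matrix_from_acl(acl, GROUPS_OF), "owen")
        print(name, "->", result if result else "not expressible as rwx bits")
```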