Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!mcnc!gatech!bloom-beacon!think!ames!lll-tis!elxsi!capra!nick
From: nick@capra.UUCP (Nick Whyte)
Newsgroups: comp.misc
Subject: Re: access-lists vs. unix permissions
Message-ID: <457@elxsi.UUCP>
Date: Fri, 17-Jul-87 22:35:53 EDT
Article-I.D.: elxsi.457
Posted: Fri Jul 17 22:35:53 1987
Date-Received: Sat, 18-Jul-87 18:39:30 EDT
References: <1334@ssc-vax.UUCP> <1144@bloom-beacon.MIT.EDU>
Sender: nobody@elxsi.UUCP
Reply-To: nick@capra.UUCP (Nick Whyte)
Organization: ELXSI Super Computers, San Jose
Lines: 33
Keywords: security

In article <1144@bloom-beacon.MIT.EDU> langz@athena.mit.edu (Lang Zerner) writes:
>In article <1334@ssc-vax.UUCP> herber@ssc-vax.UUCP (David A Wilson) writes:
...
>> The issue I would like to discuss is why are access-lists considered
>>more secure than unix-style owner/group/other permission (as the specification
>>seems to apply)? Are there any studies that show this? I can see no reason
...
>group for every file in the system. To implement file access lists using the
>permissions system, all that would be necessary would be to have each file have
>its own entry in /etc/group, along with the appropriate permissions. For
...

This would only allow one permission matrix for anyone besides owner and
world.  With access lists you can grant different permissions to different
groups.

EMBOS (Elxsi's proprietary OS) has a powerful access list scheme which
includes passwords (as a fake group) to qualify for different access rights,
and program lists, where some groups are required to be running one of the
specified programs to acquire the specified access.

The down side is that the complexity of the security mechanism is difficult
for naive users to understand.  We have added simple security commands to
provide basic "Do what I mean" functions, but this does not prevent them from
using the full feature commands as an experiment and getting bizarre security
behavior (to them).

The higher probability of creating wrong security matrices could be
interpreted as an increased security risk, though the system administrator
could build some fire walls around different "groups" of users.

--
Nick Whyte    {ucbvax|ihnp4|seismo}!sun!elxsi!nick
Elxsi Disclaimer: I don't know if Elxsi agrees with what I said since I didn't
bother to ask anyone.
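The owner/group/other limitation Nick describes, set beside a multi-entry access list, as an added example that is not part of the original post and is not EMBOS code. The Unix half is the standard mode-bit check (exactly one of owner, group or other applies). The access-list half is a hypothetical model of the two EMBOS features the post names: a "password" entry that acts as a fake group for anyone who has supplied that password, and a program-gated group entry (the `only_from` field). The names, the union-of-matching-entries rule and the sample subjects, groups and passwords are all constructed for illustration; real ACL systems such as POSIX ACLs resolve entries differently.

```python
"""Added example (not from the original post): Unix mode bits beside a
small access-list model with password and program-gated entries."""
from dataclasses import dataclass

R, W, X = 4, 2, 1  # permission bits, Unix style


@dataclass(frozen=True)
class Subject:
    """Who is asking.  'passwords' and 'program' are constructed attributes
    used only to model the EMBOS features the post describes."""
    user: str
    groups: frozenset = frozenset()
    program: str = ""
    passwords: frozenset = frozenset()


@dataclass(frozen=True)
class UnixFile:
    owner: str
    group: str
    mode: int  # e.g. 0o660


def unix_allows(f: UnixFile, s: Subject, want: int) -> bool:
    """Classic owner/group/other check: exactly one class applies, so only
    one group can ever be named per file."""
    if s.user == f.owner:
        bits = (f.mode >> 6) & 7
    elif f.group in s.groups:
        bits = (f.mode >> 3) & 7
    else:
        bits = f.mode & 7
    return (bits & want) == want


@dataclass(frozen=True)
class AclEntry:
    kind: str            # "user", "group", "password" or "world"
    name: str            # principal name, or the password for kind == "password"
    perms: int
    only_from: str = ""  # if set, entry counts only when s.program == only_from


def entry_applies(e: AclEntry, s: Subject) -> bool:
    if e.only_from and s.program != e.only_from:
        return False
    if e.kind == "user":
        return s.user == e.name
    if e.kind == "group":
        return e.name in s.groups
    if e.kind == "password":
        return e.name in s.passwords
    if e.kind == "world":
        return True
    raise ValueError(f"unknown entry kind {e.kind!r}")


def acl_allows(acl, s: Subject, want: int) -> bool:
    """Union of every matching entry's rights (a modelling choice made here,
    not EMBOS semantics; POSIX ACLs, for instance, pick one entry)."""
    granted = 0
    for e in acl:
        if entry_applies(e, s):
            granted |= e.perms
    return (granted & want) == want


def example_decisions():
    """Constructed scenario: editors may read+write, reviewers read only,
    nobody else anything, plus a password entry and a program-gated entry."""
    editor = Subject("alice", frozenset({"editors"}))
    reviewer = Subject("bob", frozenset({"reviewers"}))
    outsider = Subject("mallory")
    guest = Subject("mallory", passwords=frozenset({"open-sesame"}))
    auditor_tool = Subject("carol", frozenset({"auditors"}), program="audit")
    auditor_shell = Subject("carol", frozenset({"auditors"}), program="sh")

    # Best the mode bits can do: one group.  Either reviewers get nothing...
    f_editors = UnixFile("root", "editors", 0o660)
    # ...or 'other' must carry read, and then everyone on the system reads.
    f_open = UnixFile("root", "editors", 0o664)

    acl = [
        AclEntry("group", "editors", R | W),
        AclEntry("group", "reviewers", R),
        AclEntry("password", "open-sesame", R),
        AclEntry("group", "auditors", R, only_from="audit"),
    ]

    return {
        "unix_editor_rw": unix_allows(f_editors, editor, R | W),
        "unix_reviewer_r": unix_allows(f_editors, reviewer, R),
        "unix_open_outsider_r": unix_allows(f_open, outsider, R),
        "acl_editor_rw": acl_allows(acl, editor, R | W),
        "acl_reviewer_r": acl_allows(acl, reviewer, R),
        "acl_reviewer_w": acl_allows(acl, reviewer, W),
        "acl_outsider_r": acl_allows(acl, outsider, R),
        "acl_password_r": acl_allows(acl, guest, R),
        "acl_auditor_via_tool_r": acl_allows(acl, auditor_tool, R),
        "acl_auditor_via_shell_r": acl_allows(acl, auditor_shell, R),
    }


if __name__ == "__main__":
    for name, decision in example_decisions().items():
        print(f"{name:26} {decision}")
```

The two Unix files show the trade Nick is pointing at: with one group slot, reviewers either get nothing (mode 0660) or read has to be granted to "other" (mode 0664), which opens the file to everyone. The access list grants read+write to editors and read to reviewers on the same file, and the last two entries model the post's password-as-fake-group and program-list ideas. The union rule is the simplest thing that makes the scenario work; it is also the kind of detail a naive user has to know to predict the "bizarre" behaviour Nick mentions, which is why the lead-in calls it an assumption rather than how EMBOS does it.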