Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!mnetor!uunet!seismo!mcvax!hafro!askja!keilir!malcolm
From: malcolm@keilir.UUCP (Malcolm Cohen)
Newsgroups: comp.misc
Subject: Re: access-lists vs. unix permissions
Message-ID: <264@keilir.UUCP>
Date: Mon, 20-Jul-87 11:30:09 EDT
Article-I.D.: keilir.264
Posted: Mon Jul 20 11:30:09 1987
Date-Received: Wed, 22-Jul-87 06:07:17 EDT
References: <1334@ssc-vax.UUCP> <860@ssc-bee.ssc-vax.UUCP> <1151@bloom-beacon.MIT.EDU>
Reply-To: malcolm@keilir.UUCP (Malcolm Cohen)
Organization: University of Iceland (RHI)
Lines: 22

In article <1151@bloom-beacon.MIT.EDU> langz@athena.mit.edu (Lang Zerner) writes:
>Not relative to the number of access lists you would need to provide the same
>protection.  You would need exactly one group for each file which had access
>list protection, just as you'd need exactly one access list per file in an
>access list-based system.

This is not true.  In fact the Apollo Domain system uses access lists (ACLs)
and *shares* equivalent ACLs automatically -- this sharing is completely
transparent to the user (except in the amount of disk space available).

Of course you really only need one group for each set of files which had the
same access permissions - but then you have lost the 'cute' naming scheme
suggested in your next paragraph - putting you back to the horrendous task of
managing all those groups; the only real solution to this is not to manage
them, i.e. to have the O/S do it for you, ... but then it starts looking like
ACLs anyway...

-- 

Malcolm Cohen			       mcvax!keilir!malcolm
Utgardar, Computer Centre, University of Iceland, Reykjavik
-----------------------------------------------------------