Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Path: utzoo!utgpu!water!watmath!clyde!rutgers!husc6!ut-sally!bcm!svedberg!rick
From: rick@svedberg.UUCP
Newsgroups: comp.cog-eng
Subject: Re: Request for human interface des
Message-ID: <453@uni2.bcm.tmc.edu>
Date: Mon, 7-Dec-87 14:21:40 EST
Article-I.D.: uni2.453
Posted: Mon Dec  7 14:21:40 1987
Date-Received: Sat, 12-Dec-87 11:36:02 EST
References: <6304@ncoast.UUCP> <10300004@osiris.cso.uiuc.edu>
Sender: usenet@bcm.tmc.edu
Lines: 35
Summary: delete permission

In article <10300004@osiris.cso.uiuc.edu>, goldfain@osiris.cso.uiuc.edu writes:
> 
>      What do people think of the idea of having a  "delete permission"  bit in
> addition to the 3 unix permissions of read, write, and execute ?
>      One way to protect important  files from "rm" would then  be to deny this
> permission.  I realize most systems don't make  this distinction, since to the
> programmer's    mind,   write  permission  and   delete   permission are about
> equivalent.  What this discussion has highlighted  however, is that there is a
> subtle difference.   Programmers  do not   often trash important   files while
> editing  them.  If they  do, most  good editors  have automatic backup schemes
> that allow the programmer to recover  from his error.   And even at the worst,
> only one file is usually zapped in this way (and after  that NONE for  quite a
> period  of time, right?)   But  a wayward  character  on file-management level
> commands can trash immense amounts.  So in practice there is a difference.

In many non-Unix systems, there is a distinct difference between write and delete premission. On both
the Prime and Unisys 1100 systems, there is a distinction made between writing and deleting a file. As
you pointed out, there is a subtle difference between the two and most of the systems I have been on
make this distinction. (As I remember, the old TOPS-10 also made a distinction between write access and
delete access.) One other permission bit which should also be considered is the permission to change
protection bits. Again, the systems I have worked with make a distinct distinction between permission
to use the file and permission to change the attributes of the file. 

All of these considerations really come into play when you start discussing file security. In most
security system, you want to make the granularity of permission as fine as possible without making it
so fine as to eat your machine everytime a file is opened. The permissions which I feel are necessary
are: read, write, execute, delete, and change-protection. For directories, I would add bits to allow
a directory to be used but not viewed and permission to list a directory. 



Richard H. Miller                 Email: rick@svedburg.bcm.tmc.edu
Head, System Support              Voice: (713)799-4511
Baylor College of Medicine        US Mail: One Baylor Plaza, 302H
                                           Houston, Texas 77030