Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP Path: utzoo!utgpu!water!watmath!clyde!rutgers!husc6!ut-sally!bcm!svedberg!rick From: rick@svedberg.UUCP Newsgroups: comp.cog-eng Subject: Re: Request for human interface des Message-ID: <453@uni2.bcm.tmc.edu> Date: Mon, 7-Dec-87 14:21:40 EST Article-I.D.: uni2.453 Posted: Mon Dec 7 14:21:40 1987 Date-Received: Sat, 12-Dec-87 11:36:02 EST References: <6304@ncoast.UUCP> <10300004@osiris.cso.uiuc.edu> Sender: usenet@bcm.tmc.edu Lines: 35 Summary: delete permission In article <10300004@osiris.cso.uiuc.edu>, goldfain@osiris.cso.uiuc.edu writes: > > What do people think of the idea of having a "delete permission" bit in > addition to the 3 unix permissions of read, write, and execute ? > One way to protect important files from "rm" would then be to deny this > permission. I realize most systems don't make this distinction, since to the > programmer's mind, write permission and delete permission are about > equivalent. What this discussion has highlighted however, is that there is a > subtle difference. Programmers do not often trash important files while > editing them. If they do, most good editors have automatic backup schemes > that allow the programmer to recover from his error. And even at the worst, > only one file is usually zapped in this way (and after that NONE for quite a > period of time, right?) But a wayward character on file-management level > commands can trash immense amounts. So in practice there is a difference. In many non-Unix systems, there is a distinct difference between write and delete premission. On both the Prime and Unisys 1100 systems, there is a distinction made between writing and deleting a file. As you pointed out, there is a subtle difference between the two and most of the systems I have been on make this distinction. (As I remember, the old TOPS-10 also made a distinction between write access and delete access.) One other permission bit which should also be considered is the permission to change protection bits. Again, the systems I have worked with make a distinct distinction between permission to use the file and permission to change the attributes of the file. All of these considerations really come into play when you start discussing file security. In most security system, you want to make the granularity of permission as fine as possible without making it so fine as to eat your machine everytime a file is opened. The permissions which I feel are necessary are: read, write, execute, delete, and change-protection. For directories, I would add bits to allow a directory to be used but not viewed and permission to list a directory. Richard H. Miller Email: rick@svedburg.bcm.tmc.edu Head, System Support Voice: (713)799-4511 Baylor College of Medicine US Mail: One Baylor Plaza, 302H Houston, Texas 77030