9fans archive / 1997 / 10 / 64 /    prev next

From: G. David Butler gdb@dbS...
Subject: [9fans] group organization
Date: Thu, 23 Oct 1997 22:26:13 -0500

From: Scott Schwartz <schwartz@fin...>
>
>I hate to raise heretical notions, but I really don't think
>user/group/other works very often, and it's not worth trying to tweak
>it.  If a filesystem object isn't world readable, then 90% of the time
>I want an access control list (maybe just for directories) to specify
>who gets to do what with that file.  Allowing the authentication
>system to put users in multiple catagories, even if you can change
>them easily, doesn't seem to me to be the right solution.

I would like to see an efficient ACL implementation to consider.

Unless you have a large user population with multiple domains of
administration the group concept is simpler and sufficient.  (A
group is just a ACL "macro".)  For my part, I like the tighter
security of P9 over *NIX.  If you have followed the list you will
notice I have tightened it further.  (I have effectively excluded
"none" from "other".)

>"If I want Multics, I know where to find it."
Yes, but is it available in source and does it run on a PC? :->