On 06/04/2015 08:42 AM, David Boyes wrote: >> > (recall the initial UNIX model had ri= ngs of privileges or was that just >> > Dante and the Seven levels of hell?) > No, that was MULTICS. UNIX V6 and earlier always only had 1 privilege flag > (superuser/general user) due to hardware I/D protection limitations on early > model PDPs (pre-11), and we're still stuck with it decades later. The CTSS > (later DEC's) PL/1 compiler also still sucks, lo these many years later -- I > blame much of Unix on that fact.
There are definitely two camps. Whether you blame the limited original hardware or bless the simplicity of the design, many people value the binary model. Witness what we do with VM: "You get alphabet soup", meaning you're a trusted VM admin, all CP privilege classes. Same thing was common practice in the DEC VMS world. On balance, many people want granular controls, division of labor. Witness the advent of SELinux (and SEVMS before it, as if VMS didn't already have excess granularity). > Now, MULTICS -- *that* had granular privileges; record level access control > in some cases. ... The inspiration for things which followed. Unix forked one direction and VMS forked the other. Maybe. -- R; <>< ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390 ---------------------------------------------------------------------- For more information on Linux on System z, visit http://wiki.linuxvm.org/
