On Tue, 2003-11-18 at 11:30, Christopher Sawtell wrote:
> > The extension of this is ACLs - I've used ACL-based systems extensively
> > in the past, and without a decent management system,
> Can you recommend one?
Nope.
:-)

I was hacking on VMS. Some aspects were deeply satisfying (like
privilege-escalation attacks ... VMS had an excessive number of
privileges for a user ...) but others were a little clunky (DCL, the
command scripting language ... and the COBOL-ish "program switches as
full words only" habits).

You could specify ACLs on files, but they felt very added-on-later -
IIRC the standard directory lister didn't show them to you. You had to
remember to query each file to find out what the ACL for it was (it's
possible that I'm misremembering, or simply didn't know the right
commands). It was easy to declare unusable combinations for a file.

> 
> > they become very
> > difficult to manage. Groups are clunky compared to ACLs, but generally
> > adequate.
> Note that the database systems offer fine control over access to the internal 
> tables.
Is that "fine control" as in "fine-grained control", or "excellent
control" ?

IMO, it's having two separate schemes for permission information that
leads to problems. If you're using ACLs, have by default ACL groups that
match the traditional unix permission categories, and hack 'ls' so that
it presents these permissions - or use ACLs, and set the unix
permissions to something "impossible", like 0000 ... thus reminding you
to refer to ACLs instead ...

-jim
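An added example, not from this thread: a small Python model of the Linux acl(5) access check, where the mode's group bits double as the ACL mask, so a "chmod 0000" leaves every named entry listed by getfacl but no longer effective. The owner (bob:staff), the users and the entries are constructed.

```python
# Added example, not from the original mail: a model of the POSIX.1e access
# check from acl(5), showing that on Linux the classic mode bits and an
# extended ACL are coupled (the group bits are the mask), not two schemes.
PERM = {"r": 4, "w": 2, "x": 1}

def parse_perm(s):
    """'rw-' -> 6, as in getfacl's long text form."""
    return sum(PERM[c] for c in s if c in PERM)

def parse_acl(text):
    """Parse getfacl-style lines into user/group/other/mask and named entries."""
    acl = {"named_user": {}, "named_group": {}, "mask": None}
    for line in text.strip().splitlines():
        tag, qual, perm = line.strip().split(":")
        if tag in ("user", "group") and qual:
            acl["named_" + tag][qual] = parse_perm(perm)
        else:
            acl[tag] = parse_perm(perm)   # user::, group::, mask::, other::
    return acl

def mode_bits(acl):
    """The mode ls prints: the group digit is the mask when a mask entry exists."""
    grp = acl["mask"] if acl["mask"] is not None else acl["group"]
    return f"{acl['user']:o}{grp:o}{acl['other']:o}"

def check_access(acl, owner, owning_group, user, groups, want):
    """acl(5) order: owner, named user, owning/named groups, other.
    Named-user and all group entries are filtered through the mask."""
    need = parse_perm(want)
    mask = 7 if acl["mask"] is None else acl["mask"]
    if user == owner:
        return (need & acl["user"]) == need
    if user in acl["named_user"]:
        return (need & acl["named_user"][user] & mask) == need
    grp_entries = [acl["group"]] if owning_group in groups else []
    grp_entries += [b for g, b in acl["named_group"].items() if g in groups]
    if grp_entries:
        return any((need & b & mask) == need for b in grp_entries)
    return (need & acl["other"]) == need

# Constructed sample: alice gets rw- from a named entry and the mask allows it.
ACL_OPEN = "user::rw-\nuser:alice:rw-\ngroup::r--\nmask::rw-\nother::---"
# The same file after 'chmod 0000': chmod rewrites user::, mask:: and other::,
# so alice's entry is still shown by getfacl but is masked to nothing.
ACL_AFTER_CHMOD_0000 = "user::---\nuser:alice:rw-\ngroup::r--\nmask::---\nother::---"

def alice_can_write(acl_text):
    """File owned by bob:staff; alice is neither the owner nor in staff."""
    return check_access(parse_acl(acl_text), "bob", "staff", "alice", {"alice"}, "rw")
```

Calling mode_bits(parse_acl(ACL_AFTER_CHMOD_0000)) and alice_can_write(ACL_AFTER_CHMOD_0000) gives "000" and False, against "660" and True for ACL_OPEN.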
