From: gary@acacia (Gary Moyer) Subject: Re: Access control lists and Linux Date: 17 Apr 1993 04:58:16 GMT
hpa@merle.acns.nwu.edu (H. Peter Anvin N9ITP) writes:
: > Thats an interesting idea. I can see 2 major drawbacks:
: > 1) what protection scheme would be used for this centralized data base?
: > 2) if it were stored on a secondary storage device: what would guarantee
: > security to it ?
: >
: > Thoughts?
:
: Well, here is a suggestion:
:
: Let each filesystem be mounted with or without access daemon support
: (with for flexible security, without for speed). If the kernel
: detects a permission mismatch, it will call up (through some standard
: interface) `accessd' which (of course) runs as root. It informs
: accessd of uid, gid(s) and filename, and accessd returns the
: permissions approved to the kernel. Alternatively `accessd' could be
: a part of the kernel, but it *would* be bloat....
:
: I would suggest the accessd database is simply a (collection of)
: file(s) to which only root have access (by the traditional permissiona
: bits).
We're back at the square where we started from. The main, and most important
advantage I can see, to ACL's is that you have an _independent_ access level
that cannot be compromised by the lower level access levels (i.e. unix
file permissions).
-g.m.