[E-Lang] Java 2 "Security" (was: Re: Welcome Chris Skalka and Scott Smith of Johns Hopkins)

David Wagner daw@mozart.cs.berkeley.edu
27 Jan 2001 00:37:10 GMT


Ben Laurie wrote:
>At the risk of getting boring, I quote David's original statement: "In
>fact, if you look at, say, Unix file permissions (an ACL system),
>delegation is not all-or-nothing: you can hand off just read permission,
>etc." (this was in the mail you replied to - why trim it?).

Yes, and I stand by my claim.  Unix permissions
*aren't* all-or-nothing!  You can hand off read
access to another group without handing off write
access.

Now, sure, maybe this isn't good enough for you.
Maybe you want even better than this.  (I know I do!)
Maybe the restriction to handing it off to an existing
group is a problem.  Maybe the mere separation between
read and write access isn't fine-grained enough (maybe
you want append-only mode, for instance).  All of those
are perfectly good criticisms of Unix permissions -- but
that's beside the point.

I was just trying to give an example of one ACL-based
system where delegation isn't all-or-nothing.  Even if
Unix permissions aren't as nice as you'd like, they
certainly aren't all-or-nothing.
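
The read-without-write hand-off discussed in this message, as an added example that is not part of the original post: a Python sketch of the classic owner/group/other mode-bit check applied to a temporary file set to mode 0640. The helper names `allowed` and `demo` and the uids derived from the file owner are constructed for illustration; root override and POSIX ACLs are deliberately ignored.

```python
import os
import stat
import tempfile

PERM_BITS = {"r": 4, "w": 2, "x": 1}

def allowed(st, uid, gids, want):
    """Classic Unix mode-bit check (hypothetical helper).

    Exactly one class applies: owner, else group, else other.
    `want` is a string drawn from "rwx".
    """
    if uid == st.st_uid:
        bits = (st.st_mode >> 6) & 7      # owner triplet
    elif st.st_gid in gids:
        bits = (st.st_mode >> 3) & 7      # group triplet
    else:
        bits = st.st_mode & 7             # other triplet
    need = sum(PERM_BITS[c] for c in want)
    return bits & need == need

def demo():
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        # Owner keeps read/write; the file's group is handed read only.
        os.chmod(path, 0o640)
        st = os.stat(path)
        owner = st.st_uid
        colleague = owner + 1             # constructed uid, member of the file's group
        stranger = owner + 2              # constructed uid, in no relevant group
        return {
            "mode": stat.filemode(st.st_mode),
            "owner_rw": allowed(st, owner, {st.st_gid}, "rw"),
            "group_r": allowed(st, colleague, {st.st_gid}, "r"),
            "group_w": allowed(st, colleague, {st.st_gid}, "w"),
            "other_r": allowed(st, stranger, set(), "r"),
        }
    finally:
        os.unlink(path)

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

The `chmod` call can only name the file's single existing group, which is the restriction the message concedes.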