LISTSERV - HP3000-L Archives

HP3000-L Archives

July 2001, Week 1

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L July 2001, Week 1

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: MPE security - file access
From:	Ken Hirsch <[log in to unmask]>
Reply To:	Ken Hirsch <[log in to unmask]>
Date:	Mon, 2 Jul 2001 12:13:23 -0400
Content-Type:	text/plain
Parts/Attachments:	text/plain (65 lines)

There are a few things that make access lists easier to use on NT than on
MPE.

(1) arbitrary grouping of users--  users may belong to more than just one
group in NT.  On MPE, the only grouping is by account.  This is very useful
for role-based security.
(Old-style MPE security has slightly more grouping--AL, GL, logon group of
user, but it's very limited, and, of course, incompatible with ACD
security.)

(2) Inheritance of access rights--when files are created, they inherit
access rights from the folder where they reside.  On MPE--???  For POSIX,
new files have permissions based on umask of creator, I don't know if
there's any default ACD for files in HFS space created by MPE programs.
This is a major advantage for NT.

(3) GUI - easier for some tasks, anyway.

----- Original Message -----
From: "Jim Knight" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Monday, July 02, 2001 11:35 AM
Subject: Re: MPE security - file access

> Ok, so don't take me wrong, but you're saying, I know how to do this, but
I don't want to do it because it seems too complex.  Why can't MPE be like
NT?  MPE has the capability, so I don't understand your comment about other
OS'es having an advantage?
>
> <glad MPE isn't like NT>
> Jim
>
>
> Gibson Nichols <[log in to unmask]> wrote:
> > I have two users in two different accounts who need different access
rights to some files in one account.  Like this:
>
> USERA.ACCTA
> USERB.ACCTB
> FILEX.GROUPX.ACCTX
>
> Since MPE bases the access rights on the account and group of the file
then
> I don't see a way of providing different access rights to users outside
the
> account.
>
> I wouldn't want to use ACDs since those are so difficult to manage.
>
> Isn't this an advantage some other operating systems would have over MPE?
> This can be done in NT for example.
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2

RAVEN.UTC.EDU