There are a few things that make access lists easier to use on NT than on
MPE.
(1) arbitrary grouping of users-- users may belong to more than just one
group in NT. On MPE, the only grouping is by account. This is very useful
for role-based security.
(Old-style MPE security has slightly more grouping--AL, GL, logon group of
user, but it's very limited, and, of course, incompatible with ACD
security.)
(2) Inheritance of access rights--when files are created, they inherit
access rights from the folder where they reside. On MPE--??? For POSIX,
new files have permissions based on umask of creator, I don't know if
there's any default ACD for files in HFS space created by MPE programs.
This is a major advantage for NT.
(3) GUI - easier for some tasks, anyway.
----- Original Message -----
From: "Jim Knight" <[log in to unmask]>
To: <[log in to unmask]>
Sent: Monday, July 02, 2001 11:35 AM
Subject: Re: MPE security - file access
> Ok, so don't take me wrong, but you're saying, I know how to do this, but
I don't want to do it because it seems too complex. Why can't MPE be like
NT? MPE has the capability, so I don't understand your comment about other
OS'es having an advantage?
>
> <glad MPE isn't like NT>
> Jim
>
>
> Gibson Nichols <[log in to unmask]> wrote:
> > I have two users in two different accounts who need different access
rights to some files in one account. Like this:
>
> USERA.ACCTA
> USERB.ACCTB
> FILEX.GROUPX.ACCTX
>
> Since MPE bases the access rights on the account and group of the file
then
> I don't see a way of providing different access rights to users outside
the
> account.
>
> I wouldn't want to use ACDs since those are so difficult to manage.
>
> Isn't this an advantage some other operating systems would have over MPE?
> This can be done in NT for example.
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
|