HP3000-L Archives

December 1998, Week 3

HP3000-L@RAVEN.UTC.EDU

From: Lars Appel <[log in to unmask]>
Reply To: Lars Appel <[log in to unmask]>
Date: Sat, 19 Dec 1998 14:58:03 +0100
Content-Type: text/plain

David wrote (pressing Return only for paragraphs)...

>First point is that we think we have found a major security breach in
>MPE/POSIX.

>We are working in a mixed POSIX/MPE environment and we have found that the
>only way to get the permissions you need for team software development is
>to grant AM Capabilities to all (4) developers. Then we found that, for AM
>capable users, MPE does not honor write protections set on the POSIX side.
>It does unpredictable things too, like destroying files that we should not
>be able to write to.

Doesn't sound like a security breach to me. Works as documented. You probably
should rethink if you really need to grant the AM capability. I have been
quite happy with using the GL capability to allow shared read access to
different users in the same account.

For example, I have an account IX with users PGP and LDAP, for two different
freeware projects. Both have their own home group and the groups are changed
from default GU access to GL access. In the Posix space I use umask 0027 to
keep those projects separate. This way, PGP.IX and LDAP.IX have read access
to each other's home, but I can prevent write access even when they CHGROUP,
without need to introduce group passwords. (The whole concept is not my own
idea; I picked it up from a related HP3000-L posting; thanks again to whoever
shared that trick long ago!).

In my setup, only MGR.IX has AM capabilities for overall housekeeping.

(also see http://www.editcorp.com -> Personal -> Lars Appel for details
on how I typically set up the IX account, groups and /usr/local symlinks...)

>Does anybody out there have experience using a POSIX Revision Control
>System under MPE.

Have played with the Posix Shell's rcs a little but now I moved to the GNU
cvs concurrent versioning system that Mark Klein ported to MPE/iX. You can
find it on Jazz or the MPE Freeware Tape, I believe.

Cheers, Lars "text/plain" Appel
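
Added example, not part of the original post: a POSIX shell sketch of what the umask 0027 setting described above produces (directories 750, files 640) and an audit that flags any entry granting group write or any access to others. The function names, the sample tree and the 0022 comparison umask are assumptions made for illustration; it covers the POSIX permission bits only, not MPE group access (GU/GL) or the AM capability.

```shell
#!/bin/sh
# Added example: modes produced by umask 0027, plus an audit for drift.
# Function names and the sample tree are constructed for illustration.
# Only POSIX mode bits are checked; MPE capabilities such as AM are outside
# what these bits can express.

# Create a small project tree under the given umask. The subshell keeps the
# caller's own umask untouched.
make_tree() {  # $1 = umask, $2 = target directory
    (
        umask "$1"
        mkdir -p "$2/src"
        : > "$2/src/main.c"
        : > "$2/README"
    )
}

# List every non-symlink entry that grants group write (020) or any access
# to others (004, 002, 001). Under umask 0027 nothing should match.
violations() {  # $1 = tree root
    find "$1" ! -type l \
        \( -perm -020 -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

# Number of offending entries in the tree.
count_violations() {  # $1 = tree root
    violations "$1" | wc -l | tr -d ' '
}

demo() {
    tmp=$(mktemp -d) || return 1
    make_tree 0027 "$tmp/strict"   # the setting from the post
    make_tree 0022 "$tmp/loose"    # assumed comparison value
    echo "umask 0027: $(count_violations "$tmp/strict") entries too open"
    echo "umask 0022: $(count_violations "$tmp/loose") entries too open"
    rm -rf "$tmp"
}
demo
```

Running `violations` periodically over a project home catches files whose mode was loosened after creation, for example by an explicit chmod, which umask alone does not prevent.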
