Mark Bixby wrote:
>
> MPE requires AM or SM capability to view file creators, but POSIX will let
> anybody view this information. I.e. a vanilla non-prived user can do this:
[snip]
>
> POSIX is supposed to work this way with respect to file creators. Can anybody
> else think of cases where POSIX policies contradict long-held MPE policies?
I have found that using the POSIX shell I can install a new version of an
application while it is being used/loaded by one or more users. MPE would
never allow this!
For example, my Sales Branch application.
------------
:RENAME SBR0000,SBR0000O
EXCLUSIVE VIOLATION: FILE BEING ACCESSED (FSERR 90)
Open failed on file "SBR0000.BRANCH.TIW". Not renamed. (CIERR 372)
------------
However in POSIX I can:
---------------------
> mv SBR0000 SBR0000O
> mv SBR0000N SBR0000
>---------------------
I kinda like the idea of bypassing the need to log users off the system to do
this, but then I make some people around here (TIW) nervous.
Cheers,
Michael Anderson,
System Programmer
TIW Corporation