[TUHS] History of chown semantics
John Cowan
cowan at mercury.ccil.org
Mon Jan 13 17:05:43 AEST 2014
Tim Bradshaw scripsit:
> Quotas actually don't seem to be used very much. Instead people
> Greenspun it by confining applications to distinct filesystems and
> some kind of volume manager.
Which is to say, the file owner is irrelevant to the quota system, only
the pathname matters.
> Privilege separation is more sorted out. People (regulators, auditors,
> the organisation itself) are extremely interested in knowing who can
> see and do what. Root access seems to be typically pretty sorted by now
> (no-one has it except under some kind of auditable breakglass process)
> and controlling per-user access is getting tied down where it hasn't
> been, usually by elaborate sudo rules for the various role users
> (unix admin, oracle admin, business users etc).
Again, how can any of this be corrupted by free chown-ing?
--
Some people open all the Windows;       John Cowan
wise wives welcome the spring           cowan at ccil.org
by moving the Unix.                     http://www.ccil.org/~cowan
--ad for Unix Book Units (U.K.)
(see http://cm.bell-labs.com/cm/cs/who/dmr/unix3image.gif)