[TUHS] Who's behind the UNIX filesystem permission implementation

Christopher Browne cbbrowne at gmail.com
Thu Aug 1 04:03:33 AEST 2019


On Wed, 31 Jul 2019 at 13:29, Arthur Krewat <krewat at kilonet.net> wrote:

> On 7/31/2019 12:49 PM, Rodrigo G. López wrote:
> > Multics had modes per file (https://multicians.org/fjcc4.html) but i
> > don't know about the origins. the simpler approach of
> > owner/group/other is a purely Unix creation and i would bet Ken
> > Thompson is behind it all.
>
> TOPS-10 had a 3 octal digit file protection code:
>
> <xxx> - <Owner, Project, Everyone else> - Logins are PPNs - [Project,
> Programmer] - So if I was [76,5], another user with [76,10] was in the
> same project. Much like UNIX groups.
>
> Owner Protection Codes
> 7*, 6* - You can execute, read, or change the protection code of the file.
> 5* - You have unlimited access to the file, except for renaming it.
> 4* - You have unlimited access to the file.
> 3 - You can execute, read, or change the protection code of the file.
> 2 - You have unlimited access to the file, except for renaming it.
> 1, 0 - You have unlimited access.
> * The File Daemon is called on a protection failure on this file (my
> memory is a little fuzzy on this, but I believe it allowed finer grained
> protections).
>
> Protection Codes for Fields 2 and 3
> 7 - The user cannot access the file.
> 6 - The user can only execute the file.
> 5 - The user can execute or read the file.
> 4 - The user can execute, read, or append to the file.
> 3 - The user can execute, read, append to, or update the file.
> 2 - The user can execute, read, append to, update, and write to the file.
> 1 - The user can execute, read, append to, update, write to, and rename
> the file.
> 0 - Unlimited access, including changing the protection code of the file.
>
> The name TOPS-10 was first used in 1970, but the monitor itself dates
> back to 1964. I'm not sure when these protection codes came into being,
> though.
>

Interesting; similar, though not identical, to some material I captured back
in the 1990s on TOPS-10 FILDAE in a discussion about Linux filesystem
permission semantics...

It seemed interesting, so I added it to a web page:
linuxfinances.info/info/fs.html

The claim is that there would be a fildae control file like the following:
# anything in a directory named "private" is off limits
*/private/*:*:*:*:
# people in group "foo" get full (create, delete, read, write,
# execute) access to everything in the foo project directory
~/projects/foo/*:*:foo:*:cdrwx
# people playing mygame can update the high score file
~/mygame/score.dat:*:*:~/mygame/bin/mygame:rw
# some friends have access to the RCS files for mygame
~/mygame/src/RCS/*:dennis,kevin,josh:*:/usr/bin/ci:rw
~/mygame/src/RCS/*:dennis,kevin,josh:*:/usr/bin/co:rw
# I'll put stuff I want everyone to read in my ~/public directory
# I'll make the public directory 744, so no one will actually have
# to check .access_list, but I'll still put in this entry for
# completeness
~/public/*:*:*:*:r
# anything left over gets no access
*:*:*:*:
-- 
When confronted by a difficult problem, solve it by reducing it to the
question, "How would the Lone Ranger handle this?"
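
A sketch of how a control file in this format could be evaluated, as an added example that is not part of the original message or of FILDAE itself. It assumes each rule has five colon-separated fields (path pattern, users, groups, program, access letters), that the first matching rule decides, and that no match means no access; the function names and sample requests are hypothetical.

```python
from fnmatch import fnmatchcase

# Constructed sample in the page's format; "~" is matched literally here.
# Assumed field order (inferred from the file's comments):
#   path:users:groups:program:access
SAMPLE = """\
# anything in a directory named "private" is off limits
*/private/*:*:*:*:
~/projects/foo/*:*:foo:*:cdrwx
~/mygame/score.dat:*:*:~/mygame/bin/mygame:rw
~/mygame/src/RCS/*:dennis,kevin,josh:*:/usr/bin/ci:rw
~/public/*:*:*:*:r
# anything left over gets no access
*:*:*:*:
"""

def parse_rules(text):
    """Return a list of (path, users, groups, program, access) rules."""
    rules = []
    for n, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 5:
            # Reject a short or over-long rule instead of guessing its meaning.
            raise ValueError(f"line {n}: expected 5 fields, got {len(fields)}")
        path, users, groups, program, access = fields
        rules.append((path, users.split(","), groups.split(","), program, set(access)))
    return rules

def _listed(allowed_names, names):
    """True if the rule field is '*' or names any of the caller's names."""
    return "*" in allowed_names or any(n in allowed_names for n in names)

def allowed(rules, path, user, groups, program, want):
    """Assumed semantics: first matching rule decides; no match means deny."""
    for pat, users, grps, prog, access in rules:
        if (fnmatchcase(path, pat) and _listed(users, [user])
                and _listed(grps, groups) and fnmatchcase(program, prog)):
            return want in access
    return False

if __name__ == "__main__":
    rules = parse_rules(SAMPLE)
    # A "foo" member is still denied under private/ because that rule comes first.
    print(allowed(rules, "~/projects/foo/private/key", "alice", ["foo"], "/bin/ed", "r"))
    print(allowed(rules, "~/mygame/score.dat", "bob", [], "~/mygame/bin/mygame", "w"))
```

Under the first-match assumption, rule order is what protects the "private" directories: placing that rule after the foo project rule would let group "foo" read them.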