> From: Wilfredo Sanchez <[EMAIL PROTECTED]>
> Date: 1999-08-18 14:28:54 -0700
> To: Bill Studenmund <[EMAIL PROTECTED]>
> Subject: Re: Need some advice regarding portable user IDs
> Cc: "Brian C. Grayson"
> <[EMAIL PROTECTED]>,[EMAIL PROTECTED],
> [EMAIL PROTECTED], [EMAIL PROTECTED],[EMAIL PROTECTED],
> [EMAIL PROTECTED]
> In-reply-to: <[EMAIL PROTECTED]>
> X-Loop: FreeBSD.ORG
> Delivered-to: [EMAIL PROTECTED]
> X-Mailer: by Apple MailViewer (2.106)
> X-Mailer-Extensions: SWSignature 1.3.2
>
> | Fred, right now what happens in MacOS when I take a disk which has
> sharing
> | credentials set up, and hook it into another machine? How are the
> | credentials handled there?
>
> I think Mac OS 8 will forget about the credentials. I don't
> actually know much about how sharing works.
>
> But the current file sharing behaviour is not entirely useful to
> think about, because it doesn't effect the local permissions (much),
> and the local permission are what I'm worried about. Exported
> filesystems are another story, and I don't want to compilcate things
> too much by worrying about that right now.
My understanding of File Sharing [for Mac OS 8]is that (a) Mac OS
doesn't understand identity, permissions, etc., so it can't "talk"
about them; and (b) when you share a volume from a remote server, you
"login" to that volume using a mechanism supported by the server.
The client system isn't involved. Since you, at the keyboard, are
really the only user of that system, the issue of what "another
logged-in user" can do is moot.
Note that although the "enhanced" HFS supports credentials (i.e,
owner and group identity), Mac OS doesn't use this capability, and
wouldn't know what to do with a volume that had this info filled in
(i.e., can't make use of it).
The whole issue of associating identity with permission is a bit
perplexing. DCE attempted to solve this problem, and it got quickly
out of hand. Regardless of whether you are using 32-bit integers, or
8-character login names, there's little or no guarantee that when
you move a device containing this info from one site to another, the
"mapping" from that identity to who you are will remain valid.
In the meanwhile, there ought to be a simple version of this problem
that we can solve :-}. I think I'll get down off this soap box for
a bit...
Regards,
Justin
--
Justin C. Walker, Curmudgeon-At-Large *
Institute for General Semantics |
Manager, CoreOS Networking | When crypto is outlawed,
Apple Computer, Inc. | Only outlaws will have crypto.
2 Infinite Loop |
Cupertino, CA 95014 |
*-------------------------------------*-------------------------------*
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
