Subject: Re: Need some advice regarding portable user IDs
To: None <wsanchez@apple.com>
From: Justin C. Walker <justin@apple.com>
List: tech-userlevel
Date: 08/19/1999 17:44:47
> From: Wilfredo Sanchez <wsanchez@apple.com>
> Date: 1999-08-18 14:28:54 -0700
> To: Bill Studenmund <wrstuden@nas.nasa.gov>
> Subject: Re: Need some advice regarding portable user IDs
> Cc: "Brian C. Grayson"
> <bgrayson@marvin.ece.utexas.edu>,freebsd-hackers@FreeBSD.ORG,
> tech-userlevel@netbsd.org, pwd@apple.com,warner.c@apple.com,
> umeshv@apple.com
> In-reply-to: <19990817213718.A28662@marvin.ece.utexas.edu>
> X-Loop: FreeBSD.ORG
> Delivered-to: freebsd-hackers@freebsd.org
> X-Mailer: by Apple MailViewer (2.106)
> X-Mailer-Extensions: SWSignature 1.3.2
>
> | Fred, right now what happens in MacOS when I take a disk which has   
> sharing
> | credentials set up, and hook it into another machine? How are the 
> | credentials handled there?
>
>   I think Mac OS 8 will forget about the credentials.  I don't
> actually know much about how sharing works.
>
>   But the current file sharing behaviour is not entirely useful to   
> think about, because it doesn't effect the local permissions (much),   
> and the local permission are what I'm worried about.  Exported
> filesystems are another story, and I don't want to compilcate things   
> too much by worrying about that right now.

My understanding of File Sharing [for Mac OS 8]is that (a) Mac OS  
doesn't understand identity, permissions, etc., so it can't "talk"  
about them; and (b) when you share a volume from a remote server, you  
"login" to that volume using a mechanism supported by the server.

The client system isn't involved.  Since you, at the keyboard, are  
really the only user of that system, the issue of what "another  
logged-in user" can do is moot.

Note that although the "enhanced" HFS supports credentials (i.e,  
owner and group identity), Mac OS doesn't use this capability, and  
wouldn't know what to do with a volume that had this info filled in  
(i.e., can't make use of it).

The whole issue of associating identity with permission is a bit  
perplexing.  DCE attempted to solve this problem, and it got quickly  
out of hand.  Regardless of whether you are using 32-bit integers, or  
8-character login names, there's little or no guarantee that when  
you move a device containing this info from one site to another, the  
"mapping" from that identity to who you are will remain valid.

In the meanwhile, there ought to be a simple version of this problem  
that we can solve :-}.  I think I'll get down off this soap box for  
a bit...

Regards,

Justin

--
Justin C. Walker, Curmudgeon-At-Large *
Institute for General Semantics       |
Manager, CoreOS Networking            | When crypto is outlawed,
Apple Computer, Inc.                  | Only outlaws will have crypto.
2 Infinite Loop                       |
Cupertino, CA 95014                   |
*-------------------------------------*-------------------------------*