On Wed, 31 Jul 2019 at 13:29, Arthur Krewat <krewat(a)kilonet.net> wrote:
On 7/31/2019 12:49 PM, Rodrigo G. López wrote:
Multics had modes per file
(
https://multicians.org/fjcc4.html) but i
don't know about the origins. the simpler approach of
owner/group/other is a purely Unix creation and i would bet Ken
Thompson is behind it all.
TOPS-10 had a 3 octal digit file protection code:
<xxx> - <Owner, Project, Everyone else> - Logins are PPNs - [Project,
Programmer] - So if I was [76,5], another user with [76,10] was in the
same project. Much like UNIX groups.
Owner Protection Codes
7*, 6* - You can execute, read, or change the protection code of the file.
5* - You have unlimited access to the file, except for renaming it.
4* - You have unlimited access to the file.
3 - You can execute, read, or change the protection code of the file.
2 - You have unlimited access to the file, except for renaming it.
1, 0 - You have unlimited access.
* The File Daemon is called on a protection failure on this file (my
memory is a little fuzzy on this, but I believe it allowed finer grained
protections).
Protection Codes for Fields 2 and 3
7 - The user cannot access the file.
6 - The user can only execute the file.
5 - The user can execute or read the file.
4 - The user can execute, read, or append to the file.
3 - The user can execute, read, append to, or update the file.
2 - The user can execute, read, append to, update, and write to the file.
1 - The user can execute, read, append to, update, write to, and rename
the file.
0 - Unlimited access, including changing the protection code of the file.
The name TOPS-10 was first used in 1970, but the monitor itself dates
back to 1964. I'm not sure when these protection codes came into being,
though.
Interesting; similar, though not identical to some material I captured back
in the 1990s on TOPS-10 FILDAE in a discussion about Linux filesystem
permission semantics...
It seemed interesting, so I added it to a web page:
linuxfinances.info/info/fs.html
The claim is that there would be a fildae control file like the following:
# anything in a directory named "private" is off limits
*/private/*:*:*:*:
# people in group "foo" get full (create, delete, read, write,
# execute) access to everything in the foo project directory
~/projects/foo/*:*:foo:*:cdrwx
# people playing mygame can update the high score file
~/mygame/score.dat:*:*:
~/mygame/bin/mygame:rw
# some friends have access to the RCS files for mygame
~/mygame/src/RCS/*:dennis,kevin,josh:*:
/usr/bin/ci:rw
~/mygame/src/RCS/*:dennis,kevin,josh:*:
/usr/bin/co:rw
# I'll put stuff I want everyone to read in my ~/public directory
# I'll make the public directory 744, so no one will actually have
# to check .access_list, but I'll still put in this entry for
completeness
~/public/*:*:*:*:r# anything left over gets no access*:*:*:*:
--
When confronted by a difficult problem, solve it by reducing it to the
question, "How would the Lone Ranger handle this?"