winscape 2290

I don't think I was confused. These, distribution, installation, and end, are three separate procedures (although Java-flavors are mixing them up alarmingly).

This is the bug. A sysadmin should not have to know the intimate details of his computing customers at all. If the software is supposed to be available system-wide to all users, then it is his business. But if the software is managed by one of the users of that system for a sub-set of other users in that system, then the sysadmin has absolutely no business mucking about. His only job is to make sure that the usage of this user's software will not affect the rest of the system's users and fucntions.

The sysadmin's interest should only be system-wide usage of resources (which includes the contents of SYS:, but he has no business with the contents of any user's directories.

These problems go away if responsibility of those bits is divorced from sysadmin functions.

Exactly!!!! This is the feature. Protection in this manner allows a customer to conduct his business on your system without any restrictions, like some random sysadmin knowing your bits.

In TOPS-10, there existed a protection of EXECUTE-ONLY which had a higher protection (meaning more exclusive) than read. An execute only file could never be looked at by the user who typed RUN.

BAH