winscape 2294

before

Good grief! Never on a timesharing system. We aren't talking at cross-purposes; all are part of delivering computing services to customers.

Which is the heart of any computing usage. Files contain the code that is executed to do anything. Then there's data those files use to make decisions.

It never was enough. As soon as a feature is expanded or created, customers start to think about adding more. This is a computing law.

Another computing law is, if you need something to be "flexible", then you need software. Flexible implies choices by a human being at the time of usage. granting

Think about a heirarchy of "adminstators". That's what I trying to get at.

There are the areas that are libarary areas and not officially "owned" by any one user. These areas will not be logged into but do need to be maintained by people other than the sysadmin organization. Think about security, confidential and other stuff where the sysadmin are not allowed to know who nor what the users of the system do.

There are all kinds of system disk areas. There is never just one.

There is a clbutt of files like that but is dependent on the needs of each site. The goal of any timesharing OS is to provide mechanisms so that any sysadmin and his customers have all kinds of ways to implement their specific computing needs.

Or not modify them. There are cases where the owner bars himself from access.

You are still buttuming that all this responsibility will default to a sysadmin. It cannot, especially in this day of internet.

So?

This not something that can be predicted. Think about sources laying around that haven't had a problem. Nobody will "own" them until a bug happens. As people move on or die or swallowed up in a takeover, it's guaranteed that this set of files will not have any owner. People aren't paid to do nothing.

That only happens if the service is continuous. Try to think of a computing service that isn't used daily, but annually or longer.

But it's not the ISP's business. In fact, there were probably mechanisms put in place so that nobody working for the ISP can do anything. Why do you think we have encryptions?

Again, this is something that you need to watch a lot of ISPs do. Each one will have their own policies and procedures to deal with the same problems. Some will avoid all dangers and just throw more hardware at it.

No, it's PCitis to think that all computing service deliveries have no tradeoffs, have infinite resources, and only one thing can happen at a time and is always in response to a single action of one user.

That is one way. There are probably more. I'm suggesting that you find out from a lot of ISPs. It could be a semester project studying all the different ways and what people have to tradeoff for providing computing services to unknown users.

Security. The last people to fool with users' bits are the sysadmins and operations staff.

List the functions of "system-wide stuff". Some will be obvious. Others will not be. Warning: TOPS-10 bias coming up.

LOGIN and LOGOUT are two. COBOL? Not if there is a licensing agreement in the situation where each access causes real money to exchange hands. This is just code. Data gets real hairy. Think about any DBMS application.

But what if the owner of those files wishes to bar himself from write access? This is a common need. Think about people doing development and "signing out" FOO.MAC. Who is the owner now? The one who babysits the source code or the person who is doing the mods or none of them?

I am not merely objecting; I am putting my foot down and stating that is a security hole about the size of Jupiter. It was in 1970; I can't believe that the biz has decided this isn't one. Those with PCitis have, but that's a figment of their ignorance.

No sysadmin is sensible. By defintion, they're nuts. ;-)

The only way a sysadmin could snoop with JMF's FILDAE installed is to take the system stand alone. Sure there will be ways to break access. A sledge hammer is the quickest but not thorough.

BAH