[Info-vax] : AUTHORIZE Enhancement

[IanD]

On Monday, November 21, 2016 at 2:20:52 AM UTC+11, David Froble wrote:

<snip>

> 
> AUTHORIZE, as part of the VMS OS, does it's job.  What you appear to be asking 
> for goes far beyond access to an OS.  Not saying it isn't a good thing, or 
> needed, and such, just saying that it's in reality an application that 
> transcends what one might expect for access to an OS.  The fact that people have 
> tried to use AUTHORIZE for more than it was ever intended is not the fault of 
> AUTHORIZE, it's the fault of those misusing a tool.  You know, square peg and 
> round hole, driving a screw with a hammer, driving a nail with a screwdriver, 
> and such.
> 

Yes, far beyond system access

Security is far more than simple Yes/no access to an object

It's history, patterns, derived access, virtual models and real and many many other thing as well

It's a big nasty world out there and VMS is it's really going to hold onto the supposed mantel it has of a secure system then it's got a lot of work to do and that includes the modernisation of the authorize utility

> So, if you need something like you're asking for, design and implement it, or 
> purchase it, or ....   Just don't say that something that was never intended for 
> your purpose is defective.
> 
> Just because such a tool would be used for multiple computers, and even multiple 
> OSs, sort of implies that it's not just for access to a single computer, which 
> is what AUTHORIZE is.

The same argument could be said about any earlier formats in VMS, be it file system, early queue functionality and many other subsystems that has evolved over the years

I did say 'if i had endless money...'

Out of interest, what security system (authorize / whatever you wish to call it) do you think will take VMS forward and what characteristics do you think it should have? (bearing in mind the original response I answered to was in and around enhancing UAF)