[Info-vax] : AUTHORIZE Enhancement

David Froble davef at tsoft-inc.com
Mon Nov 28 02:11:04 EST 2016 

IanD wrote:
> On Monday, November 21, 2016 at 2:20:52 AM UTC+11, David Froble wrote:
> 
> <snip>
> 
>> AUTHORIZE, as part of the VMS OS, does it's job.  What you appear to be asking 
>> for goes far beyond access to an OS.  Not saying it isn't a good thing, or 
>> needed, and such, just saying that it's in reality an application that 
>> transcends what one might expect for access to an OS.  The fact that people have 
>> tried to use AUTHORIZE for more than it was ever intended is not the fault of 
>> AUTHORIZE, it's the fault of those misusing a tool.  You know, square peg and 
>> round hole, driving a screw with a hammer, driving a nail with a screwdriver, 
>> and such.
>>
> 
> Yes, far beyond system access
> 
> Security is far more than simple Yes/no access to an object
> 
> It's history, patterns, derived access, virtual models and real and many many other thing as well
> 
> It's a big nasty world out there and VMS is it's really going to hold onto the supposed mantel it has of a secure system then it's got a lot of work to do and that includes the modernisation of the authorize utility
> 
>> So, if you need something like you're asking for, design and implement it, or 
>> purchase it, or ....   Just don't say that something that was never intended for 
>> your purpose is defective.
>>
>> Just because such a tool would be used for multiple computers, and even multiple 
>> OSs, sort of implies that it's not just for access to a single computer, which 
>> is what AUTHORIZE is.
> 
> The same argument could be said about any earlier formats in VMS, be it file system, early queue functionality and many other subsystems that has evolved over the years
> 
> I did say 'if i had endless money...'
> 
> Out of interest, what security system (authorize / whatever you wish to call it) do you think will take VMS forward and what characteristics do you think it should have? (bearing in mind the original response I answered to was in and around enhancing UAF)

Steve has been lobbying for LDAP (or however it's spelled).  I don't know enough 
to have an opinion.

More information about the Info-vax mailing list