[Pipet Devel] Access levels in VSH

J.W. Bizzaro bizzaro at geoserve.net
Tue Apr 4 13:57:32 EDT 2000


jarl van katwijk wrote:
> 
> We needed those to authorize DL's to login. Now this is where my problem
> begins: who should be able to grant others access?
> 
> So we need some form of access level in the vsh system, how do we
> organize them? I copied a 'root' system like unix uses, so only the 1th DL
> can authorize others. But maybe we do need a more sophisticated system,
> something that not only allows DL's access, but also grants them the ability
> to grant access to others.

I haven't thought about this at all.  I'm not a security expert, but wouldn't
'passable access/authentication' be opening up a pandora's box?  You'll never
know who has access to your system.

I think another thing to consider is whether or not a mere user can grant
access.  Perhaps only the system administrator should be allowed to do this. 
This is the opposite extreme of Jarl's proposal.  Thoughts?

Jeff
-- 
                      +----------------------------------+
                      |           J.W. Bizzaro           |
                      |                                  |
                      | http://bioinformatics.org/~jeff/ |
                      |                                  |
                      |        BIOINFORMATICS.ORG        |
                      |           The Open Lab           |
                      |                                  |
                      |    http://bioinformatics.org/    |
                      +----------------------------------+




More information about the Pipet-Devel mailing list