From mboxrd@z Thu Jan  1 00:00:00 1970
From: presotto@plan9.bell-labs.com
To: 9fans@cse.psu.edu
Subject: Re: [9fans] authorization schemes (was CORBA)
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Message-Id: <20010926174448.1D41219A3E@mail.cse.psu.edu>
Date: Wed, 26 Sep 2001 13:44:46 -0400
Topicbox-Message-UUID: f4dd3184-eac9-11e9-9e20-41e7f4b1d025

The real best part was an accidental 'du /|grep pattern' by a
user at a high level user made the whole file system useless to anyone
of lower classification.

Also, terminals were a real pain because their inodes had to
change security level whenever someone new logged in, which
meant chasing down anything somehow related to them.  Not
really in the orange book model.  Network connections were
equally bad.

The real lesson of the experiment was that security level
classification is hard to live with.