
Object Oriented User Administration

IP.com Disclosure Number: IPCOM000108390D
Original Publication Date: 1992-May-01
Included in the Prior Art Database: 2005-Mar-22
Document File: 5 page(s) / 238K

Publishing Venue

IBM

Related People

Camillone, NA: AUTHOR [+4]

Abstract

Disclosed is a design for object-oriented user administration in a UNIX*-based operating system. This design enables greater consistency, extensibility and integrity in the administration of users in a computer operating system. Additionally, ease of administration and programming are enhanced.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 25% of the total text.

Object Oriented User Administration

       Disclosed is a design for object-oriented user
administration in a UNIX*-based operating system.  This design
enables greater consistency, extensibility and integrity in the
administration of users in a computer operating system.
Additionally, ease of administration and programming are enhanced.

      User administration in an operating system provides system
administrators with the capabilities to add or delete users from the
system and to modify or view the attributes of existing users.  These
attributes consist mainly of user credentials and authorization
information, as well as some user environment variables.  A programming
interface allows programs to query or set these attributes.

      Present systems offer rudimentary facilities in this area. The
administrative interface is provided by editing the file where the
user attributes are stored, although the adduser command, which
provides a more abstract view of users, is included in many systems.
The programming interface only offers the capability to read or
write all of a user's attributes.

      There are many problems with the present scheme. First, it is
difficult to extend.  The programmer's view of a user is a C language
structure, while the administrator sees the user as a line in a file
with attributes separated by the colon character.  Adding new members
to existing structures can cause compatibility problems while adding
new fields to the line only increases the obscurity of the interface,
especially when many fields are unused for most users.

      The second major problem is the lack of any integrity controls.
The existing interface is essentially a physical one, where updates
are done without any mediation at all. In particular, the integrity
of updates may suffer in two regards.  The first is that the system
administrator may make improper updates inadvertently.  Examples of
this include assigning the same user identifier to more than one user
or reusing a user identifier, assigning a home directory that does
not exist, deleting a user's primary group, etc.  Each of these
mistakes can cause problems ranging from security policy violations
to unusable user accounts.  The second integrity problem arises from
how updates are applied to a user.  Since the administrator often
applies updates directly to the file where the attributes are stored,
any consistency and integrity guarantees must come from the file
subsystem itself, and the UNIX file system offers little in this
area. As a consequence, updates can be lost if two administrators are
working in this area at the same time.
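As an added illustration (not code from the disclosure), the following is a mediated check for the inadvertent-update errors listed above, run over constructed passwd and group lines; the file-system check is simulated with a constructed set of existing directories:

```python
from collections import Counter

# Constructed sample passwd and group entries (colon-separated, as in UNIX).
PASSWD_LINES = [
    "root:x:0:0:root:/root:/bin/sh",
    "alice:x:1001:100:Alice:/home/alice:/bin/sh",
    "bob:x:1001:100:Bob:/home/bob:/bin/sh",        # duplicate UID 1001
    "carol:x:1002:200:Carol:/home/carol:/bin/sh",  # primary group 200 missing
    "dave:x:1003:100:Dave:/home/nosuch:/bin/sh",   # home directory absent
]
GROUP_LINES = ["root:x:0:", "users:x:100:alice,bob"]
# Constructed stand-in for the file system: directories that exist.
EXISTING_DIRS = {"/root", "/home/alice", "/home/bob", "/home/carol"}


def parse_passwd(lines):
    """Parse passwd lines into dicts; reject lines without exactly 7 fields."""
    users = []
    for line in lines:
        fields = line.split(":")
        if len(fields) != 7:
            raise ValueError(f"malformed passwd entry: {line!r}")
        name, _pw, uid, gid, _gecos, home, shell = fields
        users.append({"name": name, "uid": int(uid), "gid": int(gid),
                      "home": home, "shell": shell})
    return users


def check_integrity(passwd_lines, group_lines, existing_dirs):
    """Return the violations a mediated user-admin interface should reject."""
    users = parse_passwd(passwd_lines)
    gids = {int(line.split(":")[2]) for line in group_lines}
    uid_counts = Counter(u["uid"] for u in users)
    problems = []
    for u in users:
        if uid_counts[u["uid"]] > 1:
            problems.append(f"{u['name']}: uid {u['uid']} shared with another user")
        if u["gid"] not in gids:
            problems.append(f"{u['name']}: primary group {u['gid']} does not exist")
        if u["home"] not in existing_dirs:
            problems.append(f"{u['name']}: home directory {u['home']} does not exist")
    return problems


def add_user(passwd_lines, new_line, group_lines, existing_dirs):
    """Mediated add: accept the entry only if the resulting set stays consistent."""
    problems = check_integrity(passwd_lines + [new_line], group_lines, existing_dirs)
    if problems:
        raise ValueError("; ".join(problems))
    return passwd_lines + [new_line]
```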

      The third major problem is the lack of granularity in querying
and updating individual attributes.  Because the present
administrative privilege mechanism is monolithic, and so is data
storage, the lack of granularity in this area is not yet problematic.
But as administrative security becomes more fine-grained, it will...