I was reading the introductory “Multics Concepts and Utilization” book <http://bitsavers.trailing-edge.com/pdf/honeywell/large_systems/multics/F01_multicsIntroCourseOct78.pdf>
over at Bitsavers. Multics (the “MULTiplexed Information and Computing Service”) was, for its time, an extremely ambitious operating system
project. It was first introduced in 1965, in the form of a series of
papers at the AFIPS Fall Joint Computer Conference of that year <https://www.computer.org/csdl/proceedings/1965/afips/12OmNzSh1au>.

Of course, it took far too long (7 years) to reach production quality.
In that time, a small group of researchers at AT&T Bell Labs grew
tired of waiting, and decided to create their own, less ambitious
system, which they called “UNIX” as a tongue-in-cheek homage to “Multics”. And the rest, as they say, is history.

But, nevertheless, Multics remained an influential system. There are
even some present-day fans of it gathered at
<https://multicians.org/>. Apparently they have got the OS booting on
an emulator of the original GE 645 hardware. Though it was mostly
written in a high-level language (PL/I), Multics was never a portable
OS; to support its advanced virtual-memory and security features, it
required special processor hardware support which was not common in
those days.

Even today, Multics has some features which can be considered
innovative and uncommon. It may be true that, for example, SELinux can
match all of its security capabilities and more. But some aspects of
its file-protection system seem, to me, to make sharing of data
between users a bit easier than your typical Linux/POSIX-type system.

For a start, there seems to be no concept of file “ownership” as such.
Or even of POSIX-style file protection modes (read/write/execute for owner/group/world). Instead, all file and directory access is
controlled via access-control lists (ACLs). Directories have a
permission called “modify”, which effectively gives a matching entity (user, group, process) owner-type rights over that directory; except
that more than one entity can have that permission at once. Thus, a
group of users working on a common project can all be given this
“modify” access to a shared directory for that project, allowing them
all to put data there, read it back again, control access to it,
delete it etc on a completely equal basis. Contrast this with
POSIX/Linux, where every file has to have exactly one owner; even if
they create that file in a shared directory, it still gives the
creating user a special status over that file, that others with write
access to the containing directory do not have.

(Multics also offers a separate “append” permission, that allows the possessor to create an item in a directory, without having the ability
to remove an item once it’s there.)

One radical idea introduced in Unix was its profligate use of multiple processes. Every new command you executed (except for the ones built
into the shell) required the creation of a new process, often several processes. Other OSes tended to look askance at this; it seemed
somehow wasteful, perhaps even sinful to spawn so many processes so
readily and discard them so casually. The more conventional approach
was to create a single process at user login, and execute nearly all
commands within the context of that. There were special commands for
explicitly creating additional processes (e.g. for background command execution), but such process creation did not simply happen as a
matter of course.

Gradually, over time, the limitations of the single-process approach
became too much to ignore, and the versatility of the Unix approach
won over (nearly) everybody. Multics, however, is of the old school.
More than that, the process even preserves global state, including
static storage, in-between runs of programs, and this applies across
different programs, not just reruns of the same one. For example, in
FORTRAN, there is the concept of a “common block”. If you run two
different programs that both refer to the same common block, then the
second one will see values left in the block by the first one. To
completely reinitialize everything, you need to invoke the “new_proc” command, which effectively deletes your process and gives you a fresh
one.

One common irritation I find on POSIX/Linux systems is the convention
that every directory has to have an entry called “.”, pointing to
itself, and one called “..”, pointing to its parent. This way these
names can be used in relative pathnames to reach any point in the
directory hierarchy. But surely it is unnecessary to have explicit
entries for these names cluttering up every directory; why not just
build their recognition as a special case into the pathname-parsing
logic in the kernel, once and for all? That way, directory-traversal
routines in user programs don’t have to be specially coded to look
for, and skip these entries, every single time.

Multics doesn’t seem to have this problem. An absolute pathname begins
with “>” (which is the separator for pathname components, equivalent
to POSIX “/”), while a relative pathname doesn’t. Furthermore, a
relative pathname can begin with one or more “<” characters,
indicating the corresponding number of steps up from the current
working directory. Unlike POSIX “..”, you can’t have “<” characters in
the middle of the pathname, which is probably not a big loss.

It is interesting to see other features which are nearly, but not
quite, the same as, corresponding features in Unix. For example, there
is a search path for executables, to save you typing the entire
pathname to run the program. However, this does not seem as flexible
as the $PATH environment-variable convention observed by Unix/POSIX
shells. In particular, it does not seem possible to remove the current directory from the search path, which we now know can be a security
risk.

Another one is the concept of “active functions” and “active strings”. These allow you to perform substitutions of dynamically-computed
values into a command line. However, they are not as general as the
Unix/POSIX concept of “command substitution”, where an entire shell
command can supply its output to be interpolated into another command.
Instead of having a completely separate vocabulary of “active
functions” which can only be used for such substitutions, Unix/POSIX
unifies this with the standard set of commands, any of which can be
used in this way.

There are other features of Multics that others more familiar with it
might want to see mentioned (the single-level store concept, where “everything is a memory segment”, versus Unix “everything is a file”? I/O redirection based on “switches”—symbolic references to files,
versus Unix integer “file descriptors”?). But then, this long-winded
essay would become even longer-winded :). So if you are interested in
this particular piece of computing history, feel free to follow up the
links above.

In summary, Multics is very much a museum piece, not something you
would want to use today for regular work—not in its original form. But
I think there are still one or two ideas there that we could usefully
copy and adapt to a present-day OS, particularly a versatile one like
Linux.

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: A noiseless patient Spider (3:633/280.2@fidonet)

On 12/17/24 14:41, Lawrence D'Oliveiro wrote:

But surely it is unnecessary to have explicit entries for these names cluttering up every directory; why not just build their recognition
as a special case into the pathname-parsing logic in the kernel,
once and for all?

Based on my limited understanding, the "in the kernel" bit is where your question runs off the rails.

My understanding is that the kernel doesn't know / care where what the
path to the file is. Instead it cares about the file identifier, or
inode. Remember, you can have the same file / inode appear in multiple directories a la hard links.

The directory path is largely a user space construct only with minimal
kernel support in support of the user space.

As such, I don't think you can special case "." and ".." into the pathname-parsing logic in the kernel.

That way, directory-traversal routines in user
programs don’t have to be specially coded to look for, and skip
these entries, every single time.

I question why you are wanting to treat "." and ".." special when you
are working with dot files. It seems to me like if you are explicitly
looking for dot files, then you'd want to see "." and "..".



--
Grant. . . .

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: TNet Consulting (3:633/280.2@fidonet)

On Tue, 17 Dec 2024 19:13:42 -0600, Grant Taylor wrote:

My understanding is that the kernel doesn't know / care where what the
path to the file is.

Oh, but it does.

Instead it cares about the file identifier, or
inode. Remember, you can have the same file / inode appear in multiple directories a la hard links.

Yes you can. But there is no userland API in POSIX/*nix to let you
identify a file directly by inode. You always have to specify some path
that gets to it. This is by design.

As such, I don't think you can special case "." and ".." into the pathname-parsing logic in the kernel.

You already have to, for “..” at least. Think about what happens when “..”
would take you to a different filesystem.

I question why you are wanting to treat "." and ".." special when you
are working with dot files. It seems to me like if you are explicitly looking for dot files, then you'd want to see "." and "..".

Typically, no.

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: A noiseless patient Spider (3:633/280.2@fidonet)

Of course, it took far too long (7 years) to reach production quality.
In that time, a small group of researchers at AT&T Bell Labs grew
tired of waiting, and decided to create their own, less ambitious
system, which they called “UNIX” as a tongue-in-cheek homage t

What I read is a bit different: AT&T management got tired and
decided to quit the project. Researchers at Bell Labs liked
Multics features, did not want to loose them, so decided to
do their own simpler variant.

--
Waldek Hebisch

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: To protect and to server (3:633/280.2@fidonet)

antispam@fricas.org (Waldek Hebisch) writes:

Of course, it took far too long (7 years) to reach production quality.
In that time, a small group of researchers at AT&T Bell Labs grew
tired of waiting, and decided to create their own, less ambitious
system, which they called "UNIX" as a tongue-in-cheek homage t

What I read is a bit different: AT&T management got tired and
decided to quit the project. Researchers at Bell Labs liked
Multics features, did not want to loose them, so decided to
do their own simpler variant.

That is the usual story; the poster to whom you responded often gets this kind of thing wrong...

--
Rich Alderson news@alderson.users.panix.com
Audendum est, et veritas investiganda; quam etiamsi non assequamur,
omnino tamen proprius, quam nunc sumus, ad eam perveniemus.
--Galen

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: PANIX Public Access Internet and UNIX, NYC (3:633/280.2@fidonet)

On 2024-12-18, Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On Tue, 17 Dec 2024 19:13:42 -0600, Grant Taylor wrote:

Instead it cares about the file identifier, or
inode. Remember, you can have the same file / inode appear in multiple
directories a la hard links.

Yes you can. But there is no userland API in POSIX/*nix to let you
identify a file directly by inode. You always have to specify some path
that gets to it. This is by design.

Hmm. I haven't gone grovelling through the API documentation, but I note
that find(1) on this machine (Ubuntu 18.04.6 LTS) has the -inum option
to find files by inode number. So unless find(1) does some serious
acrobatics for that, I do think there's a userland API to identify a
file by inode.

Niklas
--
All software sucks. Everybody is considered a jerk by somebody. The sun rises, the sun sets, the Sun crashes, lusers are LARTed, BOFHs get drunk.
It is the way of things. -- sconley@summit.bor.ohio.gov (Steve Conley)

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: Department of Redundancy Department (3:633/280.2@fidonet)

On 19 Dec 2024 05:22:37 GMT, Niklas Karlsson wrote:

Hmm. I haven't gone grovelling through the API documentation, but I note
that find(1) on this machine (Ubuntu 18.04.6 LTS) has the -inum option
to find files by inode number. So unless find(1) does some serious
acrobatics for that ...

It calls stat(2) or lstat(2) and checks the st_ino field in the returned
data.

<https://savannah.gnu.org/projects/findutils/>

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: A noiseless patient Spider (3:633/280.2@fidonet)

On 2024-12-19, Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On 19 Dec 2024 05:22:37 GMT, Niklas Karlsson wrote:

Hmm. I haven't gone grovelling through the API documentation, but I note
that find(1) on this machine (Ubuntu 18.04.6 LTS) has the -inum option
to find files by inode number. So unless find(1) does some serious
acrobatics for that ...

It calls stat(2) or lstat(2) and checks the st_ino field in the returned data.

Looks like you're right; the only way to directly manipulate a file by
its inode number is through direct manipulation of the filesystem via
some FS-dependent tool (debugfs in the case of ext*).

Niklas
--
You know what the chain of command is? It's the chain I go get and beat
you with 'til you understand who's in ruttin' command here!
-- Jayne Cobb, _Firefly_

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: Department of Redundancy Department (3:633/280.2@fidonet)

In article <mddbjx8wp2a.fsf@panix5.panix.com>,
Rich Alderson <news@alderson.users.panix.com> wrote:

antispam@fricas.org (Waldek Hebisch) writes:

Of course, it took far too long (7 years) to reach production quality.
In that time, a small group of researchers at AT&T Bell Labs grew
tired of waiting, and decided to create their own, less ambitious
system, which they called "UNIX" as a tongue-in-cheek homage t

What I read is a bit different: AT&T management got tired and
decided to quit the project. Researchers at Bell Labs liked
Multics features, did not want to loose them, so decided to
do their own simpler variant.

That is the usual story; the poster to whom you responded often gets this kind >of thing wrong...

Indeed. It's honestly best not to engage with him; he's
a known troll.

- Dan C.


--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: PANIX Public Access Internet and UNIX, NYC (3:633/280.2@fidonet)

Reply-To: slp53@pacbell.net

Niklas Karlsson <nikke.karlsson@gmail.com> writes:

On 2024-12-18, Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On Tue, 17 Dec 2024 19:13:42 -0600, Grant Taylor wrote:

Instead it cares about the file identifier, or
inode. Remember, you can have the same file / inode appear in multiple
directories a la hard links.

Yes you can. But there is no userland API in POSIX/*nix to let you
identify a file directly by inode. You always have to specify some path
that gets to it. This is by design.

Hmm. I haven't gone grovelling through the API documentation, but I note
that find(1) on this machine (Ubuntu 18.04.6 LTS) has the -inum option
to find files by inode number. So unless find(1) does some serious
acrobatics for that, I do think there's a userland API to identify a
file by inode.

Admins used to use ncheck(8) to map inode numbers to path name(s)
in bell labs versions of Unix.

find(1) uses 'stat(2)' to get the inode number when walking the
filesystem tree, so it's more a brute force method than an API.


--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: UsenetServer - www.usenetserver.com (3:633/280.2@fidonet)

On 2024-12-19, Scott Lurndal <scott@slp53.sl.home> wrote:

Niklas Karlsson <nikke.karlsson@gmail.com> writes:

Hmm. I haven't gone grovelling through the API documentation, but I note >>that find(1) on this machine (Ubuntu 18.04.6 LTS) has the -inum option
to find files by inode number. So unless find(1) does some serious >>acrobatics for that, I do think there's a userland API to identify a
file by inode.

Admins used to use ncheck(8) to map inode numbers to path name(s)
in bell labs versions of Unix.

Oh, hello. That's an interesting fact. I like it when things like this
come up in discussions here. Thank you!

I found https://illumos.org/man/8/ncheck - interesting!

A quick web search suggests that at least some commercial UNIXes still
have it; Illumos is of course a Solaris derivative, and I found a
reference to it existing on AIX as well. On Linux, assuming ext*, you apparently have to use debugfs to do something similar.

Niklas
--

I've wondered recently why it's not feasible to make large passenger planes >capable of water landing.

Well, they keep having to replace all the seat cushions, for one
thing... -- Mike Sphar and Mark Hughes in asr

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: Department of Redundancy Department (3:633/280.2@fidonet)

Reply-To: slp53@pacbell.net

Niklas Karlsson <nikke.karlsson@gmail.com> writes:

On 2024-12-19, Scott Lurndal <scott@slp53.sl.home> wrote:

Niklas Karlsson <nikke.karlsson@gmail.com> writes:

Hmm. I haven't gone grovelling through the API documentation, but I note >>>that find(1) on this machine (Ubuntu 18.04.6 LTS) has the -inum option
to find files by inode number. So unless find(1) does some serious >>>acrobatics for that, I do think there's a userland API to identify a
file by inode.

Admins used to use ncheck(8) to map inode numbers to path name(s)
in bell labs versions of Unix.

Oh, hello. That's an interesting fact. I like it when things like this
come up in discussions here. Thank you!

I found https://illumos.org/man/8/ncheck - interesting!

Unix V7 version:

$ PAGER= man /reference/usl/unix/v7/usr/man/man1/ncheck.1m
NCHECK(1M) NCHECK(1M)



NAME
ncheck - generate names from i-numbers

SYNOPSIS
ncheck [ -i numbers ] [ -a ] [ -s ] [ filesystem ]

DESCRIPTION
Ncheck with no argument generates a pathname vs. i-number list of all
files on a set of default file systems. Names of directory files are
followed by `/.'. The -i option reduces the report to only those files
whose i-numbers follow. The -a option allows printing of the names `.'
and `..', which are ordinarily suppressed. suppressed. The -s option
reduces the report to special files and files with set-user-ID mode; it
is intended to discover concealed violations of security policy.

A file system may be specified.

The report is in no useful order, and probably should be sorted.

SEE ALSO
dcheck(1), icheck(1), sort(1)

DIAGNOSTICS
When the filesystem structure is improper, `??' denotes the `parent' of
a parentless file and a pathname beginning with `...' denotes a loop.

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: UsenetServer - www.usenetserver.com (3:633/280.2@fidonet)

On Thu, 19 Dec 2024 13:47:14 +0000, Scott Lurndal wrote:

Admins used to use ncheck(8) to map inode numbers to path name(s)
in bell labs versions of Unix.

find(1) uses 'stat(2)' to get the inode number when walking the
filesystem tree, so it's more a brute force method than an API.

Yes, I remember that on Sixth Edition.

Not to mention icheck.




--
Using UNIX since v6 (1975)...

Use the BIG mirror service in the UK:
http://www.mirrorservice.org

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: ---:- FTN<->UseNet Gate -:--- (3:633/280.2@fidonet)

In article <lsinvdFrpltU1@mid.individual.net>,
Niklas Karlsson <nikke.karlsson@gmail.com> wrote:

On 2024-12-19, Scott Lurndal <scott@slp53.sl.home> wrote:

Niklas Karlsson <nikke.karlsson@gmail.com> writes:

Hmm. I haven't gone grovelling through the API documentation, but I note >>>that find(1) on this machine (Ubuntu 18.04.6 LTS) has the -inum option
to find files by inode number. So unless find(1) does some serious >>>acrobatics for that, I do think there's a userland API to identify a
file by inode.

Admins used to use ncheck(8) to map inode numbers to path name(s)
in bell labs versions of Unix.

Oh, hello. That's an interesting fact. I like it when things like this
come up in discussions here. Thank you!

I found https://illumos.org/man/8/ncheck - interesting!

A quick web search suggests that at least some commercial UNIXes still
have it; Illumos is of course a Solaris derivative, and I found a
reference to it existing on AIX as well. On Linux, assuming ext*, you >apparently have to use debugfs to do something similar.

Various systems have had extensions to address files by inum
over time. From memory, systems that supported AFS used to add
an `openi` system call that allowed a user to open a file by
inode number (one presumes it also took some kind of reference
to the filesystem that the inode was relative to, since the name
space of inodes is per-fs, and not globally unique).

Hmm. Maybe that was Coda, and not AFS.

- Dan C.


--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: PANIX Public Access Internet and UNIX, NYC (3:633/280.2@fidonet)

On 19 Dec 2024 09:41:37 GMT, Niklas Karlsson wrote:

On 2024-12-19, Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

On 19 Dec 2024 05:22:37 GMT, Niklas Karlsson wrote:

Hmm. I haven't gone grovelling through the API documentation, but I
note that find(1) on this machine (Ubuntu 18.04.6 LTS) has the -inum
option to find files by inode number. So unless find(1) does some
serious acrobatics for that ...

It calls stat(2) or lstat(2) and checks the st_ino field in the
returned data.

Looks like you're right; the only way to directly manipulate a file by
its inode number is through direct manipulation of the filesystem via
some FS-dependent tool (debugfs in the case of ext*).

Having said that, Linux does offer “handle” calls <https://manpages.debian.org/2/open_by_handle_at.2.en.html>, which
very likely include inode info somewhere in that opaque structure.

But note that accessing files in this way can only be done by suitably-privileged processes. Otherwise it would break the POSIX
security model.

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: A noiseless patient Spider (3:633/280.2@fidonet)

On 2024-12-19 09:13, Niklas Karlsson wrote:

On 2024-12-19, Scott Lurndal <scott@slp53.sl.home> wrote:

Niklas Karlsson <nikke.karlsson@gmail.com> writes:

Hmm. I haven't gone grovelling through the API documentation, but I note >>> that find(1) on this machine (Ubuntu 18.04.6 LTS) has the -inum option
to find files by inode number. So unless find(1) does some serious
acrobatics for that, I do think there's a userland API to identify a
file by inode.

Admins used to use ncheck(8) to map inode numbers to path name(s)
in bell labs versions of Unix.

Oh, hello. That's an interesting fact. I like it when things like this
come up in discussions here. Thank you!

I found https://illumos.org/man/8/ncheck - interesting!

A quick web search suggests that at least some commercial UNIXes still
have it; Illumos is of course a Solaris derivative, and I found a
reference to it existing on AIX as well. On Linux, assuming ext*, you apparently have to use debugfs to do something similar.

Niklas

Solaris 11 still has it in /usr/sbin:

System Administration Commands ncheck(1M)

NAME
ncheck - generate a list of path names versus i-numbers

SYNOPSIS
ncheck [-F FSType] [-V] [generic_options]
[-o FSType-specific_options] [special]...

DESCRIPTION
ncheck with no options generates a path-name versus
i-number list of all files on special. If special is not
specified on the command line the list is generated for
all specials in /etc/vfstab which have a numeric
fsckpass. special is the raw device on which the file
system exists.

OPTIONS
-F Specify the FSType on which to operate. The FSType
should either be specified here or be determinable
from /etc/vfstab by finding an entry in the table
that has a numeric fsckpass field and an fsckdev
that matches special.

-V Echo the complete command line, but do not execute
the command. The command line is generated by using
the options and arguments provided by the user and
adding to them information derived from
/etc/vfstab. This option may be used to verify and
validate the command line.

[and so on]

OF

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: A noiseless patient Spider (3:633/280.2@fidonet)

Lawrence D'Oliveiro <ldo@nz.invalid> wrote:

I was reading the introductory ???Multics Concepts and Utilization??? book <http://bitsavers.trailing-edge.com/pdf/honeywell/large_systems/multics/F01_multicsIntroCourseOct78.pdf>
over at Bitsavers. Multics (the ???MULTiplexed Information and Computing Service???) was, for its time, an extremely ambitious operating system project. It was first introduced in 1965, in the form of a series of
papers at the AFIPS Fall Joint Computer Conference of that year <https://www.computer.org/csdl/proceedings/1965/afips/12OmNzSh1au>.

Of course, it took far too long (7 years) to reach production quality.
In that time, a small group of researchers at AT&T Bell Labs grew
tired of waiting, and decided to create their own, less ambitious
system, which they called ???UNIX??? as a tongue-in-cheek homage to ???Multics???. And the rest, as they say, is history.

Of course it was a decade or two before UNIX could support and AT&T sized organization.

IBM got pissed when Bell Labs chose GE and cut a similar deal with the University of Michigan. IBM tried to build TSS/360 on their own; UM
gave up after a similar delay but took the simple system route but
built their simple system on the 360/70. And ran it on IBM hardware for
40 years. An IBM Labs group built CP67/CMS->VM370 with good commercial
success.

Multics put a whole series of hardware vnedors out of business (GE, Honeywell, Bull) but IBM had infinite resources.

--
sarr@sdf.org
SDF Public Access UNIX System - http://sdf.org

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: A noiseless patient Spider (3:633/280.2@fidonet)

On 12/23/24 14:16, Lawrence D'Oliveiro wrote:

This is normally hailed as “IBM pioneered virtualization”. But
it was just a less flexible, higher-overhead way of supporting
multiple users than other vendors, like DEC, were able to do far
more efficiently.

I don't see either of those statements as being incompatible with each
other.

I'm not aware of any prior efforts that could be described as
virtualization in the sense that VM / VMware / KVM mean it.

I agree that separate (virtual) systems for people is an inefficient way
to support multiple users.



--
Grant. . . .

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: TNet Consulting (3:633/280.2@fidonet)

On Mon, 23 Dec 2024 17:35:15 -0700, Peter Flass wrote:

Service bureaus loved CP and VM to make sure customer data stayed
secure.

Service bureaus commonly used multiuser timeshared systems, relying on OS protections to keep users out of each other’s data.

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: A noiseless patient Spider (3:633/280.2@fidonet)

On 12/23/24 18:35, Peter Flass wrote:

Great for security, though. Service bureaus loved CP and VM to make
sure customer data stayed secure.

Was it better for security than physically separate machines?

Or was it a compromise that behaved like separate machines without
paying for multiple machines? ;-)



--
Grant. . . .

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: TNet Consulting (3:633/280.2@fidonet)

Grant Taylor <gtaylor@tnetconsulting.net> writes:

Was it better for security than physically separate machines?

Or was it a compromise that behaved like separate machines without
paying for multiple machines? ;-)

CP(VM) kernel was relatively small amount of source code with well
defined interface and relatively simple to modify and audit ... which
govs & service bureaus tended to further restrict (user group
presentations about "padded cells" for general users ... only allowing
full virtual machine capability for specific purposes). Because of the
clean separation it tended to reduce amount and complexity of code
.... so it was easier to address both performance and security issues.

In the 80s, as mainframes got larger, there appeared CP/VM subset
functions implemented directly in hardware&microcode to partition
machines ... LPAR & PR/SM
https://en.wikipedia.org/wiki/Logical_partition
which now can be found on many platforms, not just IBM mainframes ...
heavily leveraged by large cloud datacenter operations https://aws.amazon.com/what-is/virtualization/
How is virtualization different from cloud computing?

Cloud computing is the on-demand delivery of computing resources over
the internet with pay-as-you-go pricing. Instead of buying, owning, and maintaining a physical data center, you can access technology services,
such as computing power, storage, and databases, as you need them from a
cloud provider.

Virtualization technology makes cloud computing possible. Cloud
providers set up and maintain their own data centers. They create
different virtual environments that use the underlying hardware
resources. You can then program your system to access these cloud
resources by using APIs. Your infrastructure needs can be met as a fully managed service.



--
virtualization experience starting Jan1968, online at home since Mar1970

--- MBSE BBS v1.0.8.4 (Linux-x86_64)
* Origin: Wheeler&Wheeler (3:633/280.2@fidonet)