2 comments

[ 2.0 ms ] story [ 14.4 ms ] thread
VMS acquired this circa 1995, via a mechanism called protected subsystems, and specifically via a subsystem ACL.

The associated access control list entry added additional access onto the running program, and the rights were stripped off at exit.

http://h71000.www7.hp.com/doc/73final/6346/6346pro_030.html

tl;dr of that web page: an administrative user can configure running programs to have their own identities granted via an access control list entry; identities which where then considered in conjunction with the user's identities.