Security, Death, and Renaissance

Back in 1988 or so, when VA first released Fileman's new File Access-by-User security model, it was released not as part of Fileman's installation but as part of Kernel's. It was the third part of the process of installing Kernel version 6, so we called it Kernel Part Three (which is still how it's referred to by senior IHS developers). It even had a separate installation manual.

In documenting it, we focused on that transitional work - on how to perform the installation and how to organize the work that needed to be done - but we neglected to document suggested profiles for how it should be configured for each different kind of Fileman user. This would have been the most useful thing to document, since for IT departments it's the main work involved in using File Access-by-User.

We left it out of the documentation of Kernel version 6 (and Fileman 17.7) because we were developing a tool for sites to use, and we didn't know precisely how they were going to make use of it. We didn't know their different Fileman users as well as they did, so we left it to the sites to develop profiles for each Fileman user role.

What should have happened next, for Kernel version 6.5 or Fileman 18, was to learn from the sites how they configured File Access-by-User so we could document it, but we never did that. We left this crucial security system documented only in the abstract.

Why did we never finish this?

I can't help but remember that VA's shift to its new file-security model happened a year or so before the death of VA Fileman developer Michael Distaso and his partner Keith Orner in their tragic accident (26 November 1989, just over a few month after the 1989 San Francisco earthquake that may indirectly have taken their lives by weakening the cliffs at Point Reyes National Park).

When Michael's students, Young Ko and Maureen Hoye, took over after his death, they were scrambling to fill a nearly legendary pair of shoes. Young Ko decided to move back to Korea so his son could learn about Korean culture, which left Maureen to try to take Michael's place alone.

Maureen did the smartest thing anyone could have in her position; over the next couple years, she built a team of programmers, so that with enough people they could break up the massive job of supporting and developing VA Fileman into the smaller jobs of managing each of its modules. That was when I joined the Fileman team, as part of her project to build up a team of people to take over and continue Michael's work.

What neither she nor anyone else could overcome, though, is that so much of the understanding about how VA Fileman worked - and what was supposed to be done next - had only ever been kept in Michael Distaso's memory (at least since the time original Fileman author George Timson left VA to form DI*STAR). I believe documentation of how all this file security worked - and the polishing and finishing of it all - got unavoidably lost in the transition after Michael's death. This was one of the many ways in which the VISTA community was dealt a grievous blow by Michael's death.

Although the word "renaissance" means rebirth, its true meaning in the world is reestablishing continuity, overcoming a dark age by creating a bridge with the past, to rediscover lost treasures and resume lost work for the benefit of the world. Now, with the help of George Timson and a new generation of Fileman developers, we're working on a Fileman renaissance, to find and pick back up the various dropped threads in Fileman's development and documentation.

Fileman security is one of those threads.

There isn't enough time left before the release of Fileman 22.2 to try to collect and document all the Fileman user roles for File Access-by-User, but we will try to do so in one of the next versions of Fileman. In the meantime, for version 22.2 we're giving you Fileman's first security and privacy manual.

like0