2012-03-15
Part of the cleverness of Unix permissions (a little thought)
Ever since it's become popular to add various sorts of advanced permissions schemes to Unixes (ACLs, for example), it's struck me that part of the genius of Unix permissions is that they are short.
I don't particularly mean short in storage terms (although that didn't hurt Unix in the early days). I mean short more in the sense of 'simple'; Unix permissions are simple enough that they have a short, clear representation. You can describe the basic access permissions for a file with three relatively short strings (the actual permissions plus who the owner and group of the file are), and these strings are mostly self-contained.
(You don't necessarily know who is in the group without running a command.)
I think that this shortness is an important part of why Unix permissions work relatively well. Short permissions are easy to display (which means that they can be displayed routinely, for example in 'ls -l' output) and relatively easy to understand. Because they are simple, they have few surprising interactions. I'll even go so far as to say that short, simple permissions are relatively easy to manipulate.
(There are aspects of Unix permissions that are not easy to understand and predict, things like what even the permission bits mean on directories, what the various obscure permission bits mean on everything, and so on. But I tend to think that this just adds complexity around the edges, not in the center.)
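As an added illustration (not code from the original post), the three short strings described above can be produced from a file's raw mode bits, including the less obvious setuid, setgid and sticky bits. The function names `mode_string` and `describe` are this example's own.

```python
import grp
import os
import pwd
import stat

# File-type characters as shown in the first column of 'ls -l'.
_TYPES = {stat.S_IFDIR: "d", stat.S_IFLNK: "l", stat.S_IFREG: "-",
          stat.S_IFCHR: "c", stat.S_IFBLK: "b", stat.S_IFIFO: "p",
          stat.S_IFSOCK: "s"}

def mode_string(mode):
    """Render a raw st_mode value as the ten-character 'ls -l' string."""
    out = [_TYPES.get(stat.S_IFMT(mode), "?")]
    # (read, write, execute, special bit, special char) for owner/group/other
    triples = [
        (stat.S_IRUSR, stat.S_IWUSR, stat.S_IXUSR, stat.S_ISUID, "s"),
        (stat.S_IRGRP, stat.S_IWGRP, stat.S_IXGRP, stat.S_ISGID, "s"),
        (stat.S_IROTH, stat.S_IWOTH, stat.S_IXOTH, stat.S_ISVTX, "t"),
    ]
    for r, w, x, special, ch in triples:
        out.append("r" if mode & r else "-")
        out.append("w" if mode & w else "-")
        if mode & special:
            # Lowercase when execute is also set, uppercase when it is not.
            out.append(ch if mode & x else ch.upper())
        else:
            out.append("x" if mode & x else "-")
    return "".join(out)

def _name(lookup, ident, field):
    """Map a numeric id to a name, falling back to the number itself."""
    try:
        return getattr(lookup(ident), field)
    except KeyError:
        return str(ident)

def describe(path):
    """Return the three short strings: permissions, owner, group."""
    st = os.lstat(path)
    return (mode_string(st.st_mode),
            _name(pwd.getpwuid, st.st_uid, "pw_name"),
            _name(grp.getgrgid, st.st_gid, "gr_name"))

if __name__ == "__main__":
    print(*describe("/tmp"))
```

An uppercase `S` or `T` in the output marks a special bit set without the matching execute bit, which is usually a mistake worth a second look.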