[OpenAFS] why PAGs?

[Adam Megacz]

I recently found out that Coda does not have PAGs, and deliberately
omits them (it's not just that they haven't had time to implement them).

This got me to wondering: why does AFS have PAGs?  Restricting the focus
to UNIX for a moment, if we assume that there is a local userid for
every PTS identity, are PAGs really necessary?  Even for something like
mod_waklog, it should be possible to use local userids for credential
isolation.

Just curious.  I'm not seriously proposing getting rid of PAGs or
anything like that.  Just trying to understand things.

  - a