From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Thu, 1 Jan 2009 14:53:33 -0800 From: "Roman V. Shaposhnik" In-reply-to: To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Message-id: <1230850413.11463.79.camel@goose.sun.com> MIME-version: 1.0 Content-type: text/plain Content-transfer-encoding: 7BIT References: Subject: Re: [9fans] sendfd() on native Plan 9? Topicbox-Message-UUID: 748d4dba-ead4-11e9-9d60-3106f5b1d025 On Tue, 2008-12-30 at 10:31 -0500, erik quanstrom wrote: > > You have to ensure that I can't dial it and authenticate with > > factotum. It's a mess!) > > how would that attack work? > > supposing that you have a fully jailed process. if it has a connection > to the fileserver, which does do security by user id, the jailed process > can still mess with you. say by deleting all your files. > > i think the real question here is why don't you trust your > processes? is it because someone else is running them That was, essentially, my original question. Nathaniel, could you, please answer it? Thanks, Roman.