From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <14ec7b180810201805r376a665u7116175c4e387b26@mail.gmail.com> Date: Mon, 20 Oct 2008 19:05:44 -0600 From: "andrey mirtchovski" To: "Fans of the OS Plan 9 from Bell Labs" <9fans@9fans.net> In-Reply-To: <476c0463b6a73667d50ba792ef1ada3d@quanstro.net> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline References: <476c0463b6a73667d50ba792ef1ada3d@quanstro.net> Subject: Re: [9fans] Multi-domain authentication? Topicbox-Message-UUID: 234041f6-ead4-11e9-9d60-3106f5b1d025 > i'm not sure. what does "complete filesystem semantics" mean? let me > rephrase. honouring group and user permissions, instead of using a world-writable partition with everybody treated as "none". > the premise is that the local system, and thus i assume the local fs, has > no knowledge of the user. this task has been delegated to a foreign auth > server. so what are the mechanics of getting the local fs to treat an > unknown user as something other than none? i don't believe everything was thought-through very thoroughly before people became indifferent to the idea. one suggestion was to use "user@authdom" for figuring out "local" vs "remote" users (i.e., become "user@authdom" instead of "none"). > supposing this problem is solved, don't you need quotas or something > if you don't know who exactly to yell at for filling up the worm? access control lists? i'm afraid i don't know the answer and i'm certainly not prepared to dive into this any deeper. it's been quite a while :) i hope to have relayed the original idea: give "friendly users" some access to your resources.