Returned mail

[MAILER-DAEMON@iss.southafrica.NCR.COM MAILER-DAEMON@iss.southafrica.NCR.COM]

Your mail could not be delivered because of the following reason:


   ----- Transcript of session follows -----
Executing: /usr/lib/mail/surrcmd/smtpqer -B -C -u iss.SouthAfrica.NCR.COM!ncrlnk!ncrhub4!ncrgw1!cse.psu.edu!9fans capetown.SouthAfrica.ATTGIS.COM lynna@capetown.SouthAfrica.ATTGIS.COM
smtpqer: Binary contents cannot be sent via SMTP
server "/usr/lib/mail/surrcmd/smtpqer" failed - unknown mailer error 1

   ----- Unsent message follows -----
>From ncrhub4!ncrgw1!cse.psu.edu!9fans Fri Aug 18 19:11 EDT 1995 remote from ncrlnk
Received: by ncrlnk.DaytonOH.NCR.COM; 18 Aug 95 19:11:13 EDT
Received: by ncrhub4.ATTGIS.COM; 18 Aug 95 19:11:54 EDT
Received: by ncrgw1.ATTGIS.COM; 18 Aug 95 19:09:10 EDT
Received: by colossus.cse.psu.edu id <46305>; Fri, 18 Aug 1995 18:51:41 -0400
Received: from galapagos.cse.psu.edu ([130.203.2.12]) by colossus.cse.psu.edu with SMTP id <46302>; Fri, 18 Aug 1995 18:51:25 -0400
Received: from localhost by galapagos.cse.psu.edu with SMTP id <12776>; Fri, 18 Aug 1995 18:51:28 -0400
To:	9fans@cse.psu.edu
Subject: Re: religious wars 
In-reply-to: Your message of "Fri, 18 Aug 1995 16:48:37 EDT."
             <95Aug18.170312edt.46305@colossus.cse.psu.edu> 
Date:	Fri, 18 Aug 1995 18:51:23 -0400
From:	Scott Schwartz <schwartz@galapagos.cse.psu.edu>
Message-Id: <95Aug18.185128edt.12776@galapagos.cse.psu.edu>
Sender: owner-9fans@cse.psu.edu
Precedence: bulk
Reply-To: 9fans@cse.psu.edu

I agree with most of what Dave wrote; here's my 2B".

| If one takes Vadim's argument to the extreme, he
| should eliminate passwords internally since he
| has adequate protection, trusts everyone
| internally, and plan 9 is just a toy system.
| We ran that way ourselves for years
| (till management started using Plan 9 and wanted
| something better to keep us from seeing
| their secret stuff).

Lots of things about the system, and unix before it, reflect this mode
of development.  Consider file permissions: user/group/other is
adequate in uncomplicated circumstances, but in the typical university
setting access control lists would make life much easier,
particularly because the people you trust with particular files or
directories varies so much and so dynamically.

Also, there's a difference between any-user and unauthenticated-person
that user none doesn't seem to capture.  Shipping the system with
telnetd allowing "none" to log in from anywhere strikes me as a
mistake.  Allowing anonymous 9p connections is worrysome too.  AFS does
better, since it lets you restrict what unauthenticated users are
allowed to look at (easy with ACLs).

| Out biggest fear is that this pressure will make
| passwords a default mechanism.  We'ld rather see
| people working on getting Unix and DOS to use 
| better security or making Plan 9 security
| tighter like adding expontial key exchange than
| to add options to Plan 9 to make it less secure.
| Just the ability to do passwords in the clear is
| the first step down a very steep slope.  Climbing
| back up again is real hard.  We have a chance for
| a system that never goes that route, why blow it.

I very strongly agree with this.  In the unix world most people (and
vendors) aggressively avoid kerberos, s/key, and other things that
would improve our lives.  Plan 9 is a rare and valuable example of
doing things better and easier.  When I show it off to visitors I
always point that out.