From mboxrd@z Thu Jan  1 00:00:00 1970
To: 9fans@cse.psu.edu
Subject: Re: [9fans] Plan 9 versus CORBA?
From: okamoto@granite.cias.osakafu-u.ac.jp
MIME-Version: 1.0
Mime-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Message-Id: <20010926031317.68E3C1998A@mail.cse.psu.edu>
Date: Wed, 26 Sep 2001 12:13:29 +0900
Topicbox-Message-UUID: f3feda9c-eac9-11e9-9e20-41e7f4b1d025

Thanks David.

I might have feared too much.   However, when we are considering the
security, we assume we may be intruded by someone with bad will someday.

In the present Plan 9, 'none' user cannot login our system from outside,
I mean other than terminals, which may be enough to prevent accidental
reading the data by such external user.

If the above statement is correct, someone can enter as 'none' user
and read hidden internal data in a future...

I wrote that thing because I've been touched Amoeba5.3 this month,
where they have different security scheme using capability which attracted
me somewhat (as far as I can understand it).  Partticularly ion the popint
 they have it per object, and have more variable security schem, or
in other words, capability.  Then, I thought we can make some change of
security scheme other than just file permission scheme...  Of course,
I don't know this may break the integrity of our system.

That is the story why I wrote the previous message.  I think I understand
your stance, and I agree with you now.

The 'noworld' user may be attractive to open a database for external use,
thanks.

Kenji

PS.  This is not serious but some kind of kidding.  Students will like to find
something interesting which is not similar to us sometime.  S/he can
append joke mail to someone, such as supervisor :-), where s/he has no
bad will though.  ^_^