From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <34cf4c7e79306f17b5d765989db20dba@9fs.org>
From: nigel@9fs.org
To: 9fans@cse.psu.edu
Subject: Re: [9fans] secstore
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Date: Wed, 15 May 2002 13:26:52 +0100
Topicbox-Message-UUID: 92a19a68-eaca-11e9-9e20-41e7f4b1d025

In the light on Lucio's comment, if I was paranoid, I would need to prevent
the casual user from binding '#'S, or rather, opening /dev/sdC0/fs, since
they could root around in there, rather than use /srv/kfs.

So, for the paranoid, a separate auth server is more sensible. At least,
those paranoid about security. Those of us more paranoid about heat, noise,
and the electricty bill will probably choose a bit of hacking of pccpu.

Assuming the kfs on the cpu server is not protected, the presumably,
keeping secstore on the fileserver is no more insecure?

I'm really only interested in the convenience of having to give a single
password all day.