From mboxrd@z Thu Jan  1 00:00:00 1970
Message-ID: <418c4ae286cd3a840b34bbfeaf61cfdb@proxima.alt.za>
To: 9fans@9fans.net
Date: Fri, 27 Nov 2009 16:24:51 +0200
From: lucio@proxima.alt.za
In-Reply-To: <3327f69dce9b47312a2241e1237c21cc@terzarima.net>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Subject: Re: [9fans] SSH server
Topicbox-Message-UUID: a4228b34-ead5-11e9-9d60-3106f5b1d025

>>If it is, there's a depth of cleverness in the new Plan 9
>>security model that I had missed until now, namely the elimination of
>>the intermediate "superuser" step required by the Unix paradigm.
>
> indeed that's the point.

Too clever for my ageing brain :-) Of course, I knew the facility
existed, but I didn't associate it with the absence of "root" and the
elimination of setuid().  I think this type of subtle cleverness
should be documented more explicitly, I'm sure I'm not the only one to
overlook its ramifications.  Like, as another example.  the use of
groups in Plan 9, together with the group leader: nowhere are there
good examples that clarify how different these are from the Unix
model.  And documenting these principles is not easy: you need to
understand them very well.

++L