9fans - fans of the OS Plan 9 from Bell Labs
From: Anthony Sorace <anothy@gmail.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] create user with password
Date: Tue, 17 Feb 2009 06:43:19 -0500
Message-ID: <509071940902170343q3298de2ahb08a170a19a0c027@mail.gmail.com>
In-Reply-To: <20090217102236.203770@gmx.net>

the model around users and passwords can be one of the most confusing
things for someone coming from other systems. the very short,
oversimplified version is that plan9 doesn't really care about such
things if all you're doing is local access; you'll need a real
user/passwd when you start trying to access remote resources.

when you boot a plan9 kernel, it has a concept of "hostowner"
(sometimes referred to as 'eve'). conventionally, for terminals right
after installation, this is "glenda", but it can be almost anything
you like. nino, glenda, adm, or iamnotreallyauser should all work.
hostowner will be set to that, and hostowner will own all the kernel
resources and all the initial processes (except, perhaps, a few
started as "none"). if you'd like to reboot your box as 'adm' or
'glenda' and scribble all over important system files, nothing will
stop you.

as soon as you try to access some remote resource, however, you're
going to be asked to present credentials demonstrating you are who you
say you are. an "auth server" will get involved, and then the process
with the auth/* files will be necessary.

you're entirely able to set this up on your local terminal to get a
sense of how it all fits together (read the man pages and wiki entries
on setting up an auth server), but keep in mind the local
permissiveness remains. this can be disconcerting to someone used to the
illusion of security provided by a local password. if your data is
that important, you ought to be encrypting it if there's some chance
an untrusted party will physically get their hands on it. once someone
has their hands on your disk, all bets are off.


