Re: [9fans] Factotum vs SASL

["Enrico Weigelt, metux IT consult" <enrico.weigelt@gr13.net>]

On 29.11.2014 22:23, erik quanstrom wrote:
>> In my scenario, I'm (more precisely: the account I'm using) not the
>> hostowner, just a plain user - in Unix terms: non-root). But that
>> account has the special privileges of controlling the network
>> connections. Other accounts may only choose from a predefined list
>> of connections.
>
> if you've logged into a plan 9 terminal, then you *are* the hostowner.
> this is a non-problem.

So, what about multiuser environments, where the guy in front of the
console is just an arbitrary user, who shouldn't be allowed to access
everything on the machine (nor disturb other users) ?

> "in Unix terms" doesn't work here.  root != hostowner.  they are very
> different concepts.

hmm, so, what exactly does the term "hostowner" mean here ?
I've understood it as the user, who gets full access to the machine,
eg. can do anything with local disks, etc.

When I'm talking about non-root (in unix terminology), I'm refering
to normal unprivileged users, who do not have any administrative
capabilities, but just *might* be sitting directly on the console.

>> The network itself is controlled by some separate service (eg. network
>> manager - which eg. comes quite handy for travelers, etc). Now we need
>> to decide which accounts may control it or just see some status.
>
> again, this is not how a plan 9 box would work.  when you log into the
> machine, you own all the h/w.  you can do what you want.

Okay, that's a scenario I absolutely do NOT want.
The guy in front of the console should authenticate as a normal user
and then only be allowed to access his own environment (no direct
control over hw, etc).

So, we're maybe just lacking similar to gettys/login do on unix ?


cu
--
Enrico Weigelt,
metux IT consulting
+49-151-27565287