From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID: <547C0A85.9090906@gr13.net>
Date: Mon, 1 Dec 2014 07:28:21 +0100
From: "Enrico Weigelt, metux IT consult"
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:31.0) Gecko/20100101 Thunderbird/31.2.0
MIME-Version: 1.0
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
References: <546981BE.90704@gr13.net> <547A2280.4020407@gr13.net> <547A388C.2030006@gr13.net> <7fed26ea40724d100df8e86bb79b0a32@lilly.quanstro.net>
In-Reply-To: <7fed26ea40724d100df8e86bb79b0a32@lilly.quanstro.net>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Subject: Re: [9fans] Factotum vs SASL
Topicbox-Message-UUID: 307ae5a6-ead9-11e9-9d60-3106f5b1d025

On 29.11.2014 22:23, erik quanstrom wrote:

>> In my scenario, I'm (more precisely: the account I'm using) not the
>> hostowner, just a plain user - in Unix terms: non-root). But that
>> account has the special privileges of controlling the network
>> connections. Other accounts may only choose from a predefined list
>> of connections.
>
> if you've logged into a plan 9 terminal, then you *are* the hostowner.
> this is a non-problem.

So, what about multiuser environments, where the guy in front of the
console is just an arbitrary user, who shouldn't be allowed to access
everything on the machine (nor disturb other users)?

> "in Unix terms" doesn't work here. root != hostowner. they are very
> different concepts.

hmm, so, what exactly does the term "hostowner" mean here?
I've understood it as the user who gets full access to the machine,
e.g. can do anything with local disks, etc.

When I'm talking about non-root (in unix terminology), I'm referring to
normal unprivileged users, who do not have any administrative
capabilities, but just *might* be sitting directly on the console.

>> The network itself is controlled by some separate service (eg. network
>> manager - which eg. comes quite handy for travelers, etc). Now we need
>> to decide which accounts may control it or just see some status.
>
> again, this is not how a plan 9 box would work. when you log into the
> machine, you own all the h/w. you can do what you want.

Okay, that's a scenario I absolutely do NOT want. The guy in front of
the console should authenticate as a normal user and then only be
allowed to access his own environment (no direct control over hw, etc).

So, we're maybe just lacking something similar to what gettys/login do
on unix?

cu
--
Enrico Weigelt, metux IT consulting
+49-151-27565287