From: Robert Raschke <rtrlists@googlemail.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] a few Q's regarding cpu/auth server
Date: Thu, 6 Aug 2009 09:19:35 +0100 [thread overview]
Message-ID: <6a3ae47e0908060119s431551e1ge53d11bf0b2e477a@mail.gmail.com> (raw)
In-Reply-To: <200908060052.55018.corey@bitworthy.net>
[-- Attachment #1: Type: text/plain, Size: 2027 bytes --]
On Thu, Aug 6, 2009 at 8:52 AM, Corey <corey@bitworthy.net> wrote:
>
> I imagine this is probably a subject full of landmines, so I don't want to
> start a war! I won't press the issue, just want to respond to this, and
> then I'll just leave the status quo well enough alone.
>
> I respect those opinions which differ from my own.
>
> On Wednesday 05 August 2009 23:30:38 John Floren wrote:
> > On Wed, Aug 5, 2009 at 11:15 PM, Corey<corey@bitworthy.net> wrote:
> > > On Wednesday 05 August 2009 19:42:54 Anthony Sorace wrote:
> > >> philosophy. plan9, like research unix before it, recognizes that if
> > >> you have physical access to the box, all bets are off anyway.
> > >
> > > Well, sounds like a flawed philosophy taken too far.
> > >
> > > Flawed, because all bets are not necessarily off with physical access;
> > > and taken too far, because... dang, what harm is there in providing
> > > that last means of interference to a hostile?
> > >
> <snip>
> > >> security consists of locking your door.
> > >
> > > ... which means bootes is just a quick hacksaw or boltcutter or
> > > crowbar away... so why even bother with a locked door?
> > >
>
> That wasn't a rhetorical question. Why bother locking your door?
>
> Any intruder worth his weight in salt can circumvent such a simple
> security mechanism with ease.
>
>
Why lock your door, when you're living in a gated community?
I think the bit you are leaving out is the fact that a "proper" Plan 9
installation "needs" terminals.
Your cpu/auth/filesystem machines can be somewhere safe, with as much
physical safety as you need (physical barriers are much easier to set up and
administer that electronic ones). If all is set up properly, you will never
have to touch those machines again. Unless the machines break and you need
to look at the hardware.
Your terminal, on the other hand is ephemeral and you have go through the
usual security checks if you want to access your cpu and filesystem servers.
Robby
[-- Attachment #2: Type: text/html, Size: 2667 bytes --]
next prev parent reply other threads:[~2009-08-06 8:19 UTC|newest]
Thread overview: 49+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-08-06 2:20 Corey
2009-08-06 2:42 ` Anthony Sorace
2009-08-06 6:15 ` Corey
2009-08-06 6:30 ` John Floren
2009-08-06 7:52 ` Corey
2009-08-06 8:19 ` Robert Raschke [this message]
2009-08-06 23:28 ` Corey
2009-08-07 0:01 ` John Floren
2009-08-07 0:14 ` ron minnich
2009-08-07 0:17 ` John Floren
2009-08-07 8:55 ` Steve Simon
2009-08-07 1:00 ` Corey
2009-08-06 10:33 ` Steve Simon
2009-08-07 1:34 ` blstuart
2009-08-07 2:50 ` Anthony Sorace
2009-08-07 12:37 ` Ethan Grammatikidis
2009-08-07 14:37 ` Anthony Sorace
2009-08-07 14:53 ` David Leimbach
2009-08-07 12:05 ` Ethan Grammatikidis
2009-08-07 12:29 ` Iruata Souza
2009-08-07 12:39 ` Ethan Grammatikidis
2009-08-07 13:02 ` Iruata Souza
2009-08-07 13:27 ` Ethan Grammatikidis
2009-08-07 14:44 ` Wes Kussmaul
2009-08-06 12:54 ` erik quanstrom
2009-08-06 15:16 ` David Leimbach
2009-08-06 11:47 ` erik quanstrom
2009-08-07 0:25 ` Roman Shaposhnik
2009-08-07 0:59 ` hiro
2009-08-07 3:04 ` Daniel Lyons
2009-08-07 3:36 ` John Floren
2009-08-07 9:51 ` erik quanstrom
2009-08-08 4:12 ` lucio
2009-08-07 1:29 ` blstuart
2009-08-10 10:06 ` Corey
2009-08-10 10:33 ` Steve Simon
2009-08-10 10:43 ` Corey
2009-08-10 16:01 ` ron minnich
2009-08-10 20:43 ` Corey
2009-08-11 1:18 ` erik quanstrom
2009-08-07 4:19 lucio
2009-08-07 5:04 ` Corey
2009-08-08 4:26 ` lucio
2009-08-07 4:19 lucio
2009-08-07 4:19 lucio
2009-08-07 4:55 ` Daniel Lyons
2009-08-08 4:08 ` lucio
2009-08-08 7:42 ` Daniel Lyons
2009-08-07 4:56 ` Corey
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6a3ae47e0908060119s431551e1ge53d11bf0b2e477a@mail.gmail.com \
--to=rtrlists@googlemail.com \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).