On Thu, Aug 6, 2009 at 8:52 AM, Corey
<corey@bitworthy.net> wrote:
I imagine this is probably a subject full of landmines, so I don't want to
start a war! I won't press the issue, just want to respond to this, and
then I'll just leave the status quo well enough alone.
I respect those opinions which differ from my own.
On Wednesday 05 August 2009 23:30:38 John Floren wrote:
> On Wed, Aug 5, 2009 at 11:15 PM, Corey<
corey@bitworthy.net> wrote:
> > On Wednesday 05 August 2009 19:42:54 Anthony Sorace wrote:
> >> philosophy. plan9, like research unix before it, recognizes that if
> >> you have physical access to the box, all bets are off anyway.
> >
> > Well, sounds like a flawed philosophy taken too far.
> >
> > Flawed, because all bets are not necessarily off with physical access;
> > and taken too far, because... dang, what harm is there in providing
> > that last means of interference to a hostile?
> >
<snip>
> >> security consists of locking your door.
> >
> > ... which means bootes is just a quick hacksaw or boltcutter or
> > crowbar away... so why even bother with a locked door?
> >
That wasn't a rhetorical question. Why bother locking your door?
Any intruder worth his weight in salt can circumvent such a simple
security mechanism with ease.
Why lock your door, when you're living in a gated community?
I think the bit you are leaving out is the fact that a "proper" Plan 9 installation "needs" terminals.
Your cpu/auth/filesystem machines can be somewhere safe, with as much physical safety as you need (physical barriers are much easier to set up and administer that electronic ones). If all is set up properly, you will never have to touch those machines again. Unless the machines break and you need to look at the hardware.
Your terminal, on the other hand is ephemeral and you have go through the usual security checks if you want to access your cpu and filesystem servers.