From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <6e35c0620601242346q256802f1j48b1f1cd547fbf0f@mail.gmail.com> Date: Tue, 24 Jan 2006 23:46:47 -0800 From: Jack Johnson To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu> Subject: Re: [9fans] fuse bashing In-Reply-To: <20276.1138167055@piper.nectar.cs.cmu.edu> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <43D53D9F.90702@lanl.gov> <20276.1138167055@piper.nectar.cs.cmu.edu> Topicbox-Message-UUID: e72a33b4-ead0-11e9-9d60-3106f5b1d025 On 1/24/06, Dave Eckhardt wrote: > The part of AFS I like is that every user can define new groups. Not ACLs, but I've thought it would be nice to reuse SSH keys and maybe make another dot-directory, and anyone with a matching public key in the dot-directory would have access to it, similar to .ssh/authorized_keys but with a separate file per user. Maybe have a hierarchy inside to determine which operations were allowed by which keysets. That way the owner(s) could assign arbitrary permissions without any third-party intervention, and potentially cross administrative realms. It could even be relatively cross-platform, something you could do with a GUI on other OSes in a way semi-intuitive for newbies. The key processing would probably add too much overhead for general use, but the tradeoff might be worth it for those instances where you're trying to facilitate certain kinds of data sharing. -Jack