From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <8859357829938d06bd512e70b6e23590@hamnavoe.com> To: 9fans@9fans.net From: Richard Miller <9fans@hamnavoe.com> Date: Tue, 2 Dec 2014 09:50:21 +0000 In-Reply-To: <547D3967.2020200@gr13.net> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: Re: [9fans] Factotum vs SASL Topicbox-Message-UUID: 31e360da-ead9-11e9-9d60-3106f5b1d025 > To mimic the usual Unix behaviour, I would need some getty/login-alike > program, which asks for login credentials and then starts up things > like shell or gui (some window-manager-/DE-alike program) as the > corresponding, which then is _not_ the hostowner. For this sort of functionality the computer needs to be running as a plan 9 cpu server, not a terminal in which by definition hostowner controls everything. Somewhere in /contrib there is a patch which makes a few changes to the cpu kernel to allow a login on the console by a user different from hostowner, who then becomes termowner with permissions over some but not all of the local hardware (eg keyboard and mouse but not disk). It's not hard to do. But it's only pretend security if the user has physical access to the machine. The "plan 9 way" is to keep the cpu server in a locked box and get another computer to be a terminal. A raspberry pi doesn't cost much.