From mboxrd@z Thu Jan 1 00:00:00 1970 Mime-Version: 1.0 (Apple Message framework v733) In-Reply-To: <6e35c062050718082422bb8903@mail.gmail.com> References: <6ca31021b2462e48d3e273e28950c0eb@terzarima.net> <6e35c062050718082422bb8903@mail.gmail.com> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: David Leimbach Subject: Re: [9fans] First-timer help Date: Mon, 18 Jul 2005 08:33:36 -0700 To: Jack Johnson , Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu> Cc: Topicbox-Message-UUID: 6a4e88ae-ead0-11e9-9d60-3106f5b1d025 On Jul 18, 2005, at 8:24 AM, Jack Johnson wrote: > On 7/17/05, Dave Lukes wrote: > >> If you store data on a machine to which other people have physical >> access, there are many simple ways for them to remove or tamper >> with it. >> > > I remember seeing USB fingerprint scanners in some random store a few > years back and laughed hysterically when I saw that particular brand > was compatible with Windows 98 only. > > Sure, pretty much any physical access will let you in, but some > portals are easier to squeeze through than others (pun intended). Our "first timer" doesnt' realize that Plan 9 defaults to "terminal mode" on install. The reasoning behind this "easy access to files" is that you shouldn't be keeping your files on a local machine. Plan 9 was designed for grids with I/O nodes that have some physical security. While you "can" run most anything you want in terminal mode it's not the originally intended configuration for the OS. I still like this model better, there is no root user, though there is a filesystem owner which I guess is similar. Personally, the first thing I do when I install plan 9 is to compile a cpu/fs/auth kernel and switch to that after a bit of testing. Then I drawterm in. I can have many users but there is still only one "owner" for those files on the system. What I wonder about is how to make it so not just anyone can do "con / srv/fscons" and get full access to the files :). I'm still pretty new to all of this too, mainly due to sporadic spare time to play around with it. Dave > > -Jack >