From: erik quanstrom <quanstro@quanstro.net>
To: 9fans@9fans.net
Subject: Re: [9fans] permissions
Date: Sun, 17 Oct 2010 18:56:15 -0400 [thread overview]
Message-ID: <b988b8764019147f29b66f3599efc329@plug.quanstro.net> (raw)
In-Reply-To: <621112A569DAE948AD25CCDCF1C07533299A01@dolly.ntdom.cupdx>
> If I were running a Plan 9 server on bare hardware in the datacenter,
> I wouldn't want to have to take a hike every time I needed to do
> certain activities, even though my key to the datacenter door grants
> me physical access should I need it. In this case, though, it's
> running under VMware ESXi, so the vSphere Client gives me remote
> access to the console, much as the HMC does for the AIX systems, but
> still... My point is that if one wants to open themselves up to
> another avenue of attack (albeit carefully controlled) by allowing
> such things to be done via network, they should be able to. So in
> that sense, maybe drawterm'ing to hostowner is the appropriate answer...
at coraid and at home, serial console &/| cec and consolefs(8)
has been sufficient for almost all cases, including rebooting
the auth server. we use power switches in testing, in case
we really wedge machines.
i don't see an additional security concern, as logging in is
the first step to contacting consolefs.
- erik
next prev parent reply other threads:[~2010-10-17 22:56 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-10-17 5:35 Benjamin Huntsman
2010-10-17 6:00 ` Skip Tavakkolian
2010-10-17 6:19 ` erik quanstrom
2010-10-17 6:36 ` Benjamin Huntsman
2010-10-17 13:59 ` erik quanstrom
2010-10-17 16:01 ` blstuart
2010-10-17 16:11 ` erik quanstrom
2010-10-17 17:17 ` ron minnich
2010-10-17 18:11 ` Benjamin Huntsman
2010-10-17 18:18 ` erik quanstrom
2010-10-17 19:17 ` blstuart
2010-10-17 19:59 ` Benjamin Huntsman
2010-10-17 20:40 ` blstuart
2010-10-17 21:22 ` Benjamin Huntsman
2010-10-17 22:56 ` erik quanstrom [this message]
2010-10-18 9:00 ` Steve Simon
2010-10-18 9:29 ` dave.l
2010-10-18 9:34 ` Bruce Ellis
2010-10-18 11:07 ` Dave Eckhardt
2010-10-18 11:11 ` Bruce Ellis
2010-10-17 22:58 ` blstuart
2010-10-19 18:18 ` Nathaniel W Filardo
2010-10-17 23:00 ` erik quanstrom
-- strict thread matches above, loose matches on Subject: below --
2001-10-18 14:28 Russ Cox
2001-10-23 20:34 ` Matthew Hannigan
2001-10-24 8:44 ` Douglas A. Gwyn
2001-10-18 14:00 Russ Cox
2001-10-18 14:12 ` Lucio De Re
2001-10-18 13:56 Lucio De Re
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b988b8764019147f29b66f3599efc329@plug.quanstro.net \
--to=quanstro@quanstro.net \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).