From mboxrd@z Thu Jan  1 00:00:00 1970
MIME-Version: 1.0
In-Reply-To: <8c05f41eb1f9a25d256bbe7caf738e82@kw.quanstro.net>
References: <46914d2c-437d-406e-a928-123f4d09f9f7@u15g2000prd.googlegroups.com>
	<twig.1271019683.64317@swcp.com> <twig.1271023461.54648@swcp.com>
	<twig.1271050473.62478@swcp.com>
	<c7d3636b6853063a3d4059c24e38ec08@kw.quanstro.net>
	<w2tf4d8fa41004120628w3dd585f7r701e55941091662b@mail.gmail.com>
	<9c9e4b12769a946cad1659bb2a83fe0c@coraid.com>
	<l2if4d8fa41004120711w25b72352i1e4bc05cb881f037@mail.gmail.com>
	<n2t9ab217671004120735g86232fddr994ae2b34f88183d@mail.gmail.com>
	<8c05f41eb1f9a25d256bbe7caf738e82@kw.quanstro.net>
Date: Mon, 12 Apr 2010 17:08:29 +0200
Message-ID: <k2nf4d8fa41004120808r7a0f0bfeoed93e2fe4f747460@mail.gmail.com>
From: hiro <23hiro@googlemail.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Content-Type: text/plain; charset=UTF-8
Subject: Re: [9fans] /sys/lib/newuser patch
Topicbox-Message-UUID: ffdfea48-ead5-11e9-9d60-3106f5b1d025

And the users are running in single sandboxes?

On 4/12/10, erik quanstrom <quanstro@quanstro.net> wrote:
>> 2010/4/12 hiro <23hiro@googlemail.com>:
>> > I have not the slightest idea about the complexity involved; And I
>> > think I misunderstand how much of plan9 is actually running in a
>> > sandbox. But what if we wanted to have a working security system for
>> > multiple users in 9vx. Would it be - or is it - possible?
>>
>> Yes, it is possible, but it probably requires writing something to use
>> PAM (or whatever authentication mechanism is set up) on the host
>> system. I have a few ideas for this.
>
> iirc, 9vx doesn't have devcap.
>
> the problem you're addressing can't be addressed well through #Z.
> unix systems act differently than plan 9 ones do. there are a host
> of locking, etc. questions that #Z doesn't handle either.   it would be
> easier
> to use a plan 9 fs (ken fs, cwfs, fossil).  then you wouldn't need to
> deal with unix authentication.
>
> - erik
>
>