From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FROM autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 24820 invoked from network); 21 Jan 2021 23:25:49 -0000 Received: from 1ess.inri.net (216.126.196.35) by inbox.vuxu.org with ESMTPUTF8; 21 Jan 2021 23:25:49 -0000 Received: from mail-ej1-f43.google.com ([209.85.218.43]) by 1ess; Thu Jan 21 17:55:10 -0500 2021 Received: by mail-ej1-f43.google.com with SMTP id l9so5002027ejx.3 for <9front@9front.org>; Thu, 21 Jan 2021 14:55:01 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=UNaeUQXiE9dYm6D1mHurVjXb41prrM/wxuSq2iBOICc=; b=ajq+KNkakIaEE7PnnikZw8hI2cT4vkVV135gxiZVv4cVuWHh6vczEoT6CT0SSHTIZd L9guqNICmTX8jST+HS4FiC9O0QOJARJbIUXkoXiqRrJotaM/zDKrvbGVoRzGQ3p/K31N tQ8zSx0IZArRc+gRFgbhU27W+lDePkCaIjyfo4NjUUQPCbjjWmHshF+hFMj6INlUOvDI yGRm6cJTp4lmPX4d5kdintBA6WTCx8BeLiNnNQe79qfndpL/l/BclLc7ZFRt4BVURhOb gLtOfsYlZJZyhHwjW7dSeOvApicrsSJQZTZDejzt/MUZljJd00Xk2mFYpRW3X5qQZXAH wOzg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=UNaeUQXiE9dYm6D1mHurVjXb41prrM/wxuSq2iBOICc=; b=HJy+IYRXSfnCtiozXPkpF5KJnIU4/4rdewqCEblemId5hz2lA57bU7evcimW40zsBK 8pgzP+f+tKEzvlogtMO7q9P82biJoq9wQbGS8ID102QLSNMvkKoZSjMB4zkCALlzy3UK Scj5onXw5M4I1rcFEUKiTvfERTiNCi7hQ35xO1XnsLH51BYOjIQK1lX6UdeXT6x3RIqI FU+lqBCJw2xO7FwaBGQUVCTsPhKNuuQAFKBqUu9A4NYwv7vhMHRJTrB/rIIQs2Yp+B9h Vbe8oYcMFh5ezMbyZNEW2JW7nFOn3YpTrvhox7VEeMRMlED7JjYUsY8QEe0B7LjnKveB EqlQ== X-Gm-Message-State: AOAM533GtoJEBfhxvlPplpujNJeASfUeyfuWBIcJL6Gs3bzbqaOSXA3W hMi/J5a6SWPAlpR/Z1tw9JuNHlsKiV2tDF4GnPJOWAK2Utk= X-Google-Smtp-Source: ABdhPJzvzF3x0PnBJaVanRk1lqVecwrUQTbYJynClOo5TpzNerOT1DmOkv11Bbekyi1IajEZ5ekGodS651BYU0yqwJA= X-Received: by 2002:a17:906:144e:: with SMTP id q14mr1099047ejc.150.1611269701021; Thu, 21 Jan 2021 14:55:01 -0800 (PST) MIME-Version: 1.0 Received: by 2002:a17:906:3f91:0:0:0:0 with HTTP; Thu, 21 Jan 2021 14:55:00 -0800 (PST) In-Reply-To: References: <154A2B81E5307985989F46BE958ACBAC@eigenstate.org> <84C199F8-15A4-4434-AD56-A35AB5CC6F4A@stanleylieber.com> From: hiro <23hiro@gmail.com> Date: Thu, 21 Jan 2021 23:55:00 +0100 Message-ID: To: 9front@9front.org Content-Type: text/plain; charset="UTF-8" List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: extended compliant out-scaling plugin Subject: Re: [9front] user none: cwfs vs hjfs Reply-To: 9front@9front.org Precedence: bulk if multiple users need to keep state that is supposed to be separated and private, then those users need to authenticate in a reliable way. for this we have dp9ik, and fileservers can do user-level and even group-level separation, so that state can be kept by a single and not 1 fileserver per user. On 1/21/21, hiro <23hiro@gmail.com> wrote: > why do you think running every service as none is a recommended practice? > > On 1/21/21, Stanley Lieber wrote: >> On January 21, 2021 5:01:06 PM EST, hiro <23hiro@gmail.com> wrote: >>>otoh not fixing hjfs may break security assumptions. >>> >> >> yes. i think we should fix hjfs. a lot of stuff relies on user none doing >> what it does in cwfs. the most import thing is that all file systems >> behave >> the same way. >> >> that said, relegating user none to world readable files while >> simultaneously >> running basically every service as none makes isolating services, and >> more >> blatantly keeping local users out of service files, difficult if not >> impossible. >> >> i think they got lazy with user none. we need some finer grade control >> over >> user capabilities. >> >> sl >> >