From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-0.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_FROM autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 24074 invoked from network); 21 Jan 2021 23:19:45 -0000 Received: from 1ess.inri.net (216.126.196.35) by inbox.vuxu.org with ESMTPUTF8; 21 Jan 2021 23:19:45 -0000 Received: from mail-ej1-f54.google.com ([209.85.218.54]) by 1ess; Thu Jan 21 17:51:14 -0500 2021 Received: by mail-ej1-f54.google.com with SMTP id a10so4954574ejg.10 for <9front@9front.org>; Thu, 21 Jan 2021 14:51:03 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to; bh=InGbke2Bi8+4XCT7uOaXZl09raQ4q6JwB4uU1p4YcDo=; b=mhfEpq8AGb17S5DmItkYQJcyZvOzd04Tvl02IU2FFtmFSBi0PYNiLhE4LSO2UPef5V W61AQly1eBPSZ9NaEDR1nL8ZB3DwI0zaues3f9iPv9a5Hy+m2sOSOuAKI0QguyGvvPUc B01DwogRMmSTEL83Qo45eM4phlKboKapD5shC5PDNL4dGjub5OXuoJsI/lRDK060Wh3R VjF6m5FtYFHbMdGDHeAQ5wcMVYZVVe0Tsu+qXXNsVi+LHy5v/AQZhhNDBTF7ytxaYP7t rF6ifcKwx764LEH4MeMggGL+go//tID2wxEEEU8/YB0eWsRUGKXLka5v/PUS0ULBB/lH 3MmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to; bh=InGbke2Bi8+4XCT7uOaXZl09raQ4q6JwB4uU1p4YcDo=; b=S9LjQOnnTpg3zm88k4J/tPa888AOkBuygh/LAf+dTTagZsTR50meBj9nj0IqWiQKxk o5Qi/G74h7D8vSGPrqnyjT4x0kdoXOMK0awcTTejKvlEjX4Vl6hI+WMI0ZIoy7//bGWJ Hpd+Qo4iafTGI1jPKlujoh4Vz80MYa+GyprFyhvGNmiaPn2Mm8Tw6kOf9h+dnp+aIqG/ eSIqp2hFvfwTDAtmaaAatTMrib1KZupCGlR0pXLhKynraFKZz2577YIbyetdudaNF1tc 9SzdlLGekhI8mjk8/SzN/enEKoK8HiUyLlmB1T61TAbkLDLjZ4SCmXkNxE/aPLgEeJYD nJvw== X-Gm-Message-State: AOAM530NtdzfdaGhkuRdLKmeuMsC3g4ogU8WwCuhG2QsOfWdXGCPYCh0 32ltx7pzVk/EVBgGiStovXu/dWLFEAkby9626wn9BOkZgMk= X-Google-Smtp-Source: ABdhPJyGjShlM/UJS1hztozIsBd9cWZENOhB/cDqVKfVOcyc2lQSVXCje815lhs8zdRabetPjSeQjS6sMBuQleSUPqU= X-Received: by 2002:a17:906:144e:: with SMTP id q14mr1091643ejc.150.1611269462624; Thu, 21 Jan 2021 14:51:02 -0800 (PST) MIME-Version: 1.0 Received: by 2002:a17:906:3f91:0:0:0:0 with HTTP; Thu, 21 Jan 2021 14:51:02 -0800 (PST) In-Reply-To: <84C199F8-15A4-4434-AD56-A35AB5CC6F4A@stanleylieber.com> References: <154A2B81E5307985989F46BE958ACBAC@eigenstate.org> <84C199F8-15A4-4434-AD56-A35AB5CC6F4A@stanleylieber.com> From: hiro <23hiro@gmail.com> Date: Thu, 21 Jan 2021 23:51:02 +0100 Message-ID: To: 9front@9front.org Content-Type: text/plain; charset="UTF-8" List-ID: <9front.9front.org> List-Help: X-Glyph: ➈ X-Bullshit: agile decentralized proxy-oriented TOR over ACPI just-in-time browser Subject: Re: [9front] user none: cwfs vs hjfs Reply-To: 9front@9front.org Precedence: bulk why do you think running every service as none is a recommended practice? On 1/21/21, Stanley Lieber wrote: > On January 21, 2021 5:01:06 PM EST, hiro <23hiro@gmail.com> wrote: >>otoh not fixing hjfs may break security assumptions. >> > > yes. i think we should fix hjfs. a lot of stuff relies on user none doing > what it does in cwfs. the most import thing is that all file systems behave > the same way. > > that said, relegating user none to world readable files while simultaneously > running basically every service as none makes isolating services, and more > blatantly keeping local users out of service files, difficult if not > impossible. > > i think they got lazy with user none. we need some finer grade control over > user capabilities. > > sl >