On Mon, Jul 13, 2009 at 6:05 PM, Eric Van Hensbergen<eri...@gmail.com> wrote: > On Mon, Jul 13, 2009 at 4:45 PM, hiro<23h...@googlemail.com> wrote: >> When I need remote access I nowadays use v9fs+ssh. >> Multi-user auth in kernel like you propose sounds nice and consistent, >> but too complicated. It doesn't fit linux, and thus an additional >> deamon would mean one more place of security relevant code prone to >> bugs. >> > > While I agree with that being the state of things today, it doesn't mean > we shouldn't push for better. Maybe the Glendix folks will make things > consistent (and bug free).
We hope to. One of the reasons it would actually be unwise to let anyone mount anything now is that no one uses per-process namespaces. That's probably fine on your desktop, but not on a server where 20 people try to mount something under /mnt/foo or whatnot. On the security side, I helped get the plan9-style authentication device in the mainline kernel. It's in staging. I guess the PAM module is 90% done, but they need some help if anyone is interested. > >> >> From a security (and perhaps simplicity) point of view userspace >> authentication sounds more reasonable to me, p9p together with >> something like fuse (even together with the new userspace hackery) or >> perhaps a single-user v9fs combined with inferno for doing the >> auth/crypt work seems a lot more reasonable to me than additional >> clever hackery from the plan9 side. Not sure if somebody has something >> like this working already... >> > > I have a variant using Inferno right now, mounting the file system directly > from the stdin/stdout of the emu. Combined with private namespaces it > provides a seemingly secure mechanism for accessing remote resources > as well as providing local resources to remote cpu services. > > -eric > >
