On 02.12.2014 10:50, Richard Miller wrote: > For this sort of functionality the computer needs to be running as > a plan 9 cpu server, not a terminal in which by definition hostowner > controls everything. > > Somewhere in /contrib there is a patch which makes a few changes to > the cpu kernel to allow a login on the console by a user different > from hostowner, who then becomes termowner with permissions over > some but not all of the local hardware (eg keyboard and mouse but > not disk). It's not hard to do.
Okay, that seems to go in the direction, I'm looking for. To get the traditional unix behaviour, we'd also need some virtual terminal multiplexer (which allows switching between VTs with different sessions), supporting multiple framebuffers/GPUs, keyboards, etc (eg. multiseat environments) - just giving the logged-in users only these virtual devices. Shouldn't be that hard to implement. Anyways, for now I'm not so much focused on doing that on real Plan9 system, instead using its concepts/tools (9P, factotum, ...) on a GNU/Linux system. > But it's only pretend security if the user has physical access > to the machine. Of course, you could still replace the disks, etc .. but that's an entirely different area. > The "plan 9 way" is to keep the cpu server in a locked box and > get another computer to be a terminal. A raspberry pi doesn't > cost much. Well, not very suited for mobile purposes (notebook, etc) :P cu -- Enrico Weigelt, metux IT consulting +49-151-27565287
