> The guy in front of the console should authenticate as a normal user > and then only be allowed to access his own environment (no direct > control over hw, etc).
The guy is not in front of the "console", he has physical and therefore unrestricted access to all the resources in the terminal. A CPU or file server is used to offer limited access to restricted resources. The terminal user is meant not to have physical access to such devices. It's no use bucking against that paradigm, it is fundamental to Plan 9's design. Lucio. PS: An auth server is meant to be kept under lock and key, separate from the open network. That does not normally happen, but it is designed to be possible.
