(sorry if I sent this already. Netscape/windows did one of its tricks
when I sent before, and I don't think it got out.)
The basic idea here is to allow some users to have root access (killing
processes, accessing files) to a specified set of users, but obviously
not giving them complete root priveliges.
Uses:
- say you just downloaded a game/script/whatever and you're not sure how
safe it is. You create a subuser, switch all the files over to the
subuser, set the suid flag (making sure it's not executable by
everybody), and no longer worry about what it's capable of. The worse
it could do is kill itself.
- say you want to administer a group of websites all hosted on the same
server. Nearly every task involved has to be done by root. If you set
the up as subusers you don't need root, and you can (fairly) safely give
the junior admin access to the web-root while keeping the machine itself
safe. Note that this becomes extremely important if we impliment "Hurd
Collectives", especially if they get big.
Implimentation:
- beyond adding and deleting users, I think all you'd need to modify is
the auth server, making it check the users root user, then that users
root user, on up until we either hit the full root (uid 0) or find that
the user has access. Otoh my knowledge of Hurd internals is quite
limited.
Of course we'd need a better term than "that users root" to designate
the users "higher-up".
Comments?
p.s. am I the only one who has dreams of the internet turned into a
gigantic Hurd collective? :)
--
Rhamphoryncus
[EMAIL PROTECTED]
"This is the first age that's paid much attention to the
future, which is a little ironic since we may not have one."
-- Arthur Clarke
