1) How does an administrator help a user fix a misbehaving session (i.e. if a malicious program finds some way to take over a user's session by doing something like take focus any time the user moves the mouse) if they can't interact with the user's session?
2) How does the administrator limit hardware resources (i.e. disk space or CPU time when many people are actively using the system) so that one user does not consume too much of the limited resources?
It seemed, throughout some of this talk, that the administrator might be able to do (2) using a "policy" they set. However, what about (1)? I think (1) can be partially solved by allowing users to create a "recovery session" that allows them to authenticate with the first session and destroy it, but why can't an administrator get this ability as well? Why should an administrator not be able to peek at user data? Good administrators sometimes need to do this to find problems in user data when the user has a problem... and the admin doesn't want to ask the user to "enable an admin trust bit" at 2 AM just to solve the user's issue while the user is in bed.
Maybe I'm just missing something.
--
William M. Grim
Master of Computer Science, Southern Illinois University at Edwardsville
Unix Network Administrator, SIUE, CS. Dept.
_______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
