On Wed, Nov 09, 2005 at 05:31:25PM +0100, [EMAIL PROTECTED] wrote: > The point is that "bad ideas" do happen in the real world, as well as > bad implementations, bad premises, and sheer bad luck. No matter how > carefully you design your system, there will always be situations you > didn't anticipate; and the ability for the admin to fix them without > obstacles is absolutely crucial. That's why any attempt to limit his > power is extremely problematic IMHO.
This can be extrapolated to the real world. There too, there will be situations that the lawmakers didn't anticipate. The admin in this case is the police (combined with the judicial system). IMO we really do want to limit their power when it comes to privacy, even if in the real world it _is_ possible that the problems are in some person's home and not on the street (where the police is allowed to look). Since on a computer system it is possible to design it in a way that the problems the administrator needs to solve can only be be located on the user's resources if he's solving them for the user, there is no reason to give him access to it without user consent. In the unlikely event that it is needed anyway, _and_ it isn't a bug in the system (which can be fixed), we have to decide if we should accept this problem, or solve it by allowing spying. I'm not sure what we would choose, but I don't think it'll ever happen. Not sure who came up with the university example, but I have a comment on that. First the problem again: What if your disk is suddenly full and you need more space, but you don't have a spare disk. There was the assumption that the sum of all quotas was larger than the amount of disk space. In my university, this assumption is not valid. They don't trust students at all, so they give them "enough". There is more hard disk. When a student needs a larger disk for a project, he'll have to go to the administrator and the quota will be enlarged on a case by case basis. This may include showing the administrator that you're having useful things on your account. The administrator doesn't go and delete files that _he_ considers useless. Well, in fact I know of one such occasion, but the administrator was reprimanded for it. Thanks, Bas -- I encourage people to send encrypted e-mail (see http://www.gnupg.org). If you have problems reading my e-mail, use a better reader. Please send the central message of e-mails as plain text in the message body, not as HTML and definitely not as MS Word. Please do not use the MS Word format for attachments either. For more information, see http://129.125.47.90/e-mail.html
signature.asc
Description: Digital signature
_______________________________________________ L4-hurd mailing list L4-hurd@gnu.org http://lists.gnu.org/mailman/listinfo/l4-hurd
