Hi, On Mon, Mar 27, 2006 at 09:45:45PM +0200, Marcus Brinkmann wrote: > > I think these do not match with MAC-alike system policies. If an > > administrator/owner wants to restrict the options a specific user has to > > enter the system via SSH, there must remain a small "system" ssh server > > part. An example could be the limitiaton to SSH2. > > There are two responses to that. The first is: Why would an > administrator want to do that? And the second is: Given the answer to > the first question, is this something that we want to support?
My assumptions was that any administrator (or platform owner or you) wants complete control over possible entry points into his server. > There are three possible outcomes to this: (1) there is no consistent > argument why the admin would want to do that, or (2) there is a > consistent argument, but it is in conflict with ideological > assumptions we make, or (3) there is a consistent answer, and it does > not conflict with our ideological assumptions. > > Only if the result is (3) it is worth considering to support this. > And even then it may be rejected because of cost-benefit analysis or > other factors. Is the bottom line of this a) you don't care about MAC or b) HURD does not care about MAC? IMO Mandatory Access Control is something somebody who operates a server really wants... Cheers -- Christian Helmuth TU Dresden, Dept. of CS Operating Systems Group http://os.inf.tu-dresden.de/~ch12 _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
