[Pipet Devel] Access levels in VSH

jarl van katwijk jarl at casema.net
Wed Apr 5 01:52:13 EDT 2000


> >
> > We needed those to authorize DL's to login. Now this is where my problem
> > begins: who should be able to grant others access?
> >
> > So we need some form of access level in the vsh system, how do we
> > organize them? I copied a 'root' system like unix uses, so only the 1th DL
> > can authorize others. But maybe we do need a more sophisticated system,
> > something that not only allows DL's access, but also grants them the ability
> > to grant access to others.
>
> I haven't thought about this at all.  I'm not a security expert, but wouldn't
> 'passable access/authentication' be opening up a pandora's box?  You'll never
> know who has access to your system.
>
> I think another thing to consider is whether or not a mere user can grant
> access.  Perhaps only the system administrator should be allowed to do this.
> This is the opposite extreme of Jarl's proposal.  Thoughts?
>

This is how the BL has security currently implemented :)
The very first DL can login without a password, and will become the only one
being able to grant others access. I'll leave it this way for now, but it aint
the
final system yet I'm afraid.

bye,
jarl





More information about the Pipet-Devel mailing list