From owner-freebsd-config Fri Jan 30 06:47:13 1998 Return-Path: Received: (from daemon@localhost) by hub.freebsd.org (8.8.8/8.8.8) id GAA11899 for config-outgoing; Fri, 30 Jan 1998 06:47:13 -0800 (PST) (envelope-from owner-config) Received: from relay.cs.tcd.ie (relay.cs.tcd.ie [134.226.32.56]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id GAA11892 for ; Fri, 30 Jan 1998 06:47:10 -0800 (PST) (envelope-from careilly@monoid.cs.tcd.ie) Received: from monoid.cs.tcd.ie (monoid.cs.tcd.ie [134.226.38.99]) by relay.cs.tcd.ie (8.8.7/8.8.7) with ESMTP id OAA02496; Fri, 30 Jan 1998 14:47:00 GMT Received: from monoid.cs.tcd.ie (localhost.my.domain [127.0.0.1]) by monoid.cs.tcd.ie (8.8.5/8.8.5) with ESMTP id OAA08247; Fri, 30 Jan 1998 14:43:24 GMT Message-Id: <199801301443.OAA08247@monoid.cs.tcd.ie> To: config@freebsd.org cc: Adam Turoff Subject: Re: WebAdmin (was: RE: /usr/src/release/sysinstall needs YOU. :-)) MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <8242.886171403.1@monoid.cs.tcd.ie> Date: Fri, 30 Jan 1998 14:43:24 +0000 From: Colman Reilly Sender: owner-config@freebsd.org X-Loop: FreeBSD.org Precedence: bulk In-reply-to: Your message of "Wed, 28 Jan 1998 11:16:00 PST." <34D0D540@smginc.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Fri, 30 Jan 1998 13:19:53 +1030 From: Mike Smith > OK. Enough goading. :-) OK. 8) I saved this mesasge because it's a good place to start plugging Juliet again. 8) > I don't feel qualified enough to start down this path alone. There > are a lot of nontrivial security issues to deal with, and a lot of > nontrivial configuration issues to deal with, too. This becomes easier when you layer the security issues. I would stop worrying about them for starters. I've written up and published a summary of the architectural discussions as I understand them together with some of my thoughts on the security issues at http://www.cs.tcd.ie/~careilly/portia/ArchNotes. The network here has been a bit unstable over the last week or two so it may be a bit unreliable. (Something to do with ATM switches I believe. What a suprise.) It's only a draft that I knocked up over the last hour, so excuse the quality. I'll try and keep it up to date as the discussion progresses and I'll try to write up a comprehensible explanation of what I mean by a "layered access control system" (LAX) over the weekend. Apologies in advance if I've mis-interpreted any of the discussion. Note that I am entirely agnostic about which languages we implement in. I see no reason that different layers shouldn't have different implementation languages. Colman