From owner-freebsd-config  Tue Feb  3 08:47:13 1998
Return-Path: <owner-config>
Received: (from daemon@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id IAA20223
          for config-outgoing; Tue, 3 Feb 1998 08:47:13 -0800 (PST)
          (envelope-from owner-config)
Received: from shrimp.dataplex.net (shrimp.dataplex.net [208.2.87.3])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id IAA20211
          for <config@FreeBSD.ORG>; Tue, 3 Feb 1998 08:47:10 -0800 (PST)
          (envelope-from rkw@dataplex.net)
Received: from [208.2.87.4] (user4.dataplex.net [208.2.87.4])
	by shrimp.dataplex.net (8.8.8/8.8.5) with ESMTP id KAA07178;
	Tue, 3 Feb 1998 10:47:00 -0600 (CST)
X-Sender: rkw@mail.dataplex.net
Message-Id: <l03130303b0fcf3415e42@[208.2.87.4]>
In-Reply-To: <199802031542.PAA16355@monoid.cs.tcd.ie>
References: Message from Adrian Chadd                               dated
 today at 22:57.
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Date: Tue, 3 Feb 1998 10:45:46 -0600
To: careilly@monoid.cs.tcd.ie, config@FreeBSD.ORG
From: Richard Wackerbarth <rkw@dataplex.net>
Subject: Re: WebAdmin
Cc: Adrian Chadd <adrian@obiwan.creative.net.au>
Sender: owner-config@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

At 9:42 AM -0600 2/3/98, Colman Reilly wrote:
>     the databases useable and stable.
>Sure. Now remember we have to assume that people will be attempting to
>exploit the admin system as a security hole. We can't trust any state coming
>from an HTTP connection.

>Look at Mike Smith's juliet stuff. Look at my thoughts on Portia/security
>stuff.

My only objection to his design is that it is a little too specific.
I think that ALL the "back end" modules should appear monolithic and
recursively defined. For example, although the password file is organized
as a list of records each having fixed entries, it can be modeled as
a two level tree. The top level entries are tagged by the <user> name.
Within each of those nodes there are entries tagged by <uid>, <gid>,
<Full User Name>, <shell>, etc.

I would do something like
[TELL <some machine> SET user_base.<user>.shell = "/bin/sh"]

which would get translated to
[TELL <some machine>.user_base.<user> SET shell = "/bin/sh"]

and
[TELL <some machine>.user_base INSERT joe AT_END]

would work. But
[TELL <some machine>.user_base.joe INSERT expires]
[TELL <some machine>.user_base.joe SET expires [end_of_this_month]]

would fail because I cannot insert tags in user records.

>Look at the mail archives on this topic.

Which archives? I cannot find one for "config".

>I'd really like to see people cooperating on this with a well thought out
>structure rather than see three sets of people head out into space.

Me, too.

But doesn't that break the "FreeBSD model" of "implement before you
discuss the design?" :-)


Richard Wackerbarth
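
[Added example, not part of the original message and not code from any FreeBSD project: a minimal Python sketch of the two-level tree model of the password file described above, with the machine prefix omitted. The names UserBase, tell, FIELDS, ConfigError and the field names are assumptions of this example; the value check reflects the quoted point that state arriving over HTTP cannot be trusted.]

```python
import re

# passwd-style columns; the field names are this example's assumption.
FIELDS = ("password", "uid", "gid", "full_name", "home", "shell")
NAME_RE = re.compile(r"[a-z_][a-z0-9_-]{0,15}")
# Constructed sample input, not taken from any real system.
SAMPLE = "root:*:0:0:Admin:/root:/bin/csh\nalice:*:1001:1001:Alice:/home/alice:/bin/csh"


class ConfigError(Exception):
    """A request that does not fit the fixed shape of the tree."""


class UserBase:
    def __init__(self, passwd_text):
        self.users = {}  # level 1: <user> -> level 2: {tag: value}
        for line in passwd_text.strip().splitlines():
            name, *rest = line.split(":")
            self.users[name] = dict(zip(FIELDS, rest))

    def tell(self, node, verb, arg, value=None):
        # Normalise so "user_base" + SET "joe.shell" and
        # "user_base.joe" + SET "shell" address the same leaf.
        path = (node + "." + arg).split(".")
        if path[0] != "user_base" or not all(NAME_RE.fullmatch(p) for p in path):
            raise ConfigError("bad path")
        if verb == "INSERT" and len(path) == 2:
            if path[1] in self.users:
                raise ConfigError("user exists")
            # dicts keep insertion order, so a new user lands AT_END.
            self.users[path[1]] = dict.fromkeys(FIELDS, "")
        elif verb == "SET" and len(path) == 3:
            user, tag = path[1], path[2]
            if user not in self.users or tag not in FIELDS:
                raise ConfigError("no such node")
            # Untrusted client value: refuse field and record separators.
            if not isinstance(value, str) or ":" in value or "\n" in value:
                raise ConfigError("bad value")
            self.users[user][tag] = value
        else:
            # e.g. INSERT below a user record: the tag set there is fixed.
            raise ConfigError("operation not allowed at this level")

    def dump(self):
        return "\n".join(":".join([u] + [r[f] for f in FIELDS])
                         for u, r in self.users.items())
```
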