[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Changing from L4 to something else...

From: William Grim
Subject: Re: Changing from L4 to something else...
Date: Sun, 30 Oct 2005 23:52:26 -0600

This talk is very interesting about have a system administrator that doesn't administer much, but I have some questions that I think are important:

1) How does an administrator help a user fix a misbehaving session (i.e. if a malicious program finds some way to take over a user's session by doing something like take focus any time the user moves the mouse) if they can't interact with the user's session?
2) How does the administrator limit hardware resources (i.e. disk space or CPU time when many people are actively using the system) so that one user does not consume too much of the limited resources?

It seemed, throughout some of this talk, that the administrator might be able to do (2) using a "policy" they set.  However, what about (1)?  I think (1) can be partially solved by allowing users to create a "recovery session" that allows them to authenticate with the first session and destroy it, but why can't an administrator get this ability as well?  Why should an administrator not be able to peek at user data?  Good administrators sometimes need to do this to find problems in user data when the user has a problem... and the admin doesn't want to ask the user to "enable an admin trust bit" at 2 AM just to solve the user's issue while the user is in bed.

Maybe I'm just missing something.

William M. Grim
Master of Computer Science, Southern Illinois University at Edwardsville
Unix Network Administrator, SIUE, CS. Dept.
reply via email to

[Prev in Thread] Current Thread [Next in Thread]