users as blobs
Jamie
nospam at geniegate.com
Sun Sep 3 22:22:28 PDT 2006
In <44fb545b$0$787$415eb37d at xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
walt <wa1ter at xxxxxxxxxxxxx> mentions:
>Bob Bagwill wrote:
>> One feature I'd like, that might fit in with migrating junk around a
>> cluster, is to have all the static data associated with a user in one
>> blob that can be moved, archived, deleted, etc. So rather than having
>> /home/bob and /tmp/bob and /var/spool/mail/bob and /var/cron/crontabs/bob,
>> you store everything under /home/bob, or have a bob filesystem layered
>> on top of the shared one.
>
>My gut instinct is that this is a great idea. (My wife has considered
>me a blob for years, and she's always right.)
>
>My only hesitation concerns security and the size of my blob. My
>~/Mail directory can reach multi-megabytes in size, etc.
>
>Are you thinking about, say, pointers to my real blob which exists
>on one physical server, or actually migrating blob->walt to anywhere
>I'm actually needed? (Most likely to unplug the sink or the toilet.)
>
>Are there any security implications here? Again, my gut says Yes, but
>I can't give you any reasons for why I feel that way. Experts?
I'm VERY new to BSDs, but on a Mac, the /tmp is something called a "sticky
directory":

% ls -l /tmp
lrwxrwxr-t 1 root admin 11 Jul 31 03:34 /tmp -> private/tmp
% file /private/tmp
/private/tmp: sticky directory

As I put stuff in /tmp it gets sent to that particular user's /tmp.
I'd imagine you could do the same somehow? (I've not messed with this yet
but I'm looking forward to it!)

I guess the thing I'd be worried about are things like that user's HTML directory
or gopher directory; those would need world-read access.

Also, what of group projects? Say bob and wilma are in the group "project" and
are working on a project together.
You'd probably have to create a "projects" user and share them that way.

Moving the data around could be really time intensive for each shift? (I suppose,
if you were to shut a machine down, you'd HAVE to move the data first but
you could end up moving stuff that hasn't been used in years for a 2-hour
machine repair.)
Jamie
--
http://www.geniegate.com Custom web programming
guhzo_42 at xxxxxxxxx (rot13) User Management Solutions