Project Athena (was Re: Non Destructive Version of rm)

Peter da Silva peter at ficc.ferranti.com
Fri May 10 08:00:56 AEST 1991


In article <12049 at mentor.cc.purdue.edu> asg at sage.cc.purdue.edu (The Grand Master) writes:
> In article <1991May7.224644.16951 at athena.mit.edu> jik at athena.mit.edu (Jonathan I. Kamens) writes:
> }I suggest you try to find out more about Athena.

> I am attempting to do just that so that I have an example of how *NOT*
> to administrate a network.

I suggest you go get the appropriate Usenix proceedings (I think it was one
of the Dallas Usenix Conferences) and look Athena up. It's a fascinating
design. It's not a "network" per se, but rather a distributed operating
system like Amoeba, Plan 9, or Andrew... albeit with a somewhat less aggressive
redesign of UNIX than these systems.

It doesn't provide full UNIX semantics (but then neither do Andrew or Amoeba,
and Plan 9 is a different kind of flying altogether), but it's pretty much
arbitrarily scalable.

> can still log into any workstation and be able to access his disk without
> having to do mounting all over the place. If I want to get to a directory
> /tmp on the system a294 I do cd //a294/tmp - no problem.

We have a similar network at Ferranti, called OpenNET (though it's closed:
intel only... no others need apply). It's nice, but it's not a distributed
system. An Athena or Andrew system would be nice.

> Where you get this I have no idea. I want to see your workstations if they are
> as powerful as a Sequent Symmetry. Pretty damn good workstations I guess.

Well, they started with PC/RT and Microvaxen. I have no idea what they have
now.

> Oh, I like your setup even better now. Give all the users root! Very
> tidy, and secure.

It is, because on Athena root doesn't mean anything. You can do anything you
want on that workstation, but you can't touch anyone else without the right
tokens. And even a snoopy program on the WS wouldn't help, because they expire
those tokens.

> elaborate authentication system - but tell me, if you dinna let your
> users have root privs would you NEED the elaborate authentication
> system?

If users can touch the metal, they can get root privileges. That is a constant.
They can even snoop the net and grab everyone else's data. If you're depending
on root protection to keep your network secure you're asking for trouble.

> And giving away root privs is. What is the purpose of having separate
> accounts then? Or do you have to give some kind of Kerberos authentication code
> for every damn thing you do?

Yep.

Of course it's transparent to the user once they've actually logged onto
Kerberos.

> Oh, you do not support rlogin - ic.
> So tell me, how do I get at my files from a remote location?

You mount it.

> Why should I have to use a password every time I execute a command?

You don't. And you won't have to. You really need to check out Kerberos
and Project Athena. It's a really neat system. As are the other distributed
computing environments out there. I don't know if Jonathan's claim that
Athena was the first really holds water (Andrew was pretty early, too), but
it *is* an influential one.

And Jonathan... you could do with a bit of chilling out too.
-- 
Peter da Silva; Ferranti International Controls Corporation; +1 713 274 5180;
Sugar Land, TX  77487-5012;         `-_-' "Have you hugged your wolf, today?"



More information about the Comp.unix.admin mailing list