multiuser    Home     News     About     V2     UserGuide     disclaimer

Multiuser 2

The current incarnation of Multiuser (version 1.8) has been around for some time, and does it's job very well. It does have a couple of inconsistencies with the rest of the UNIX world that make it a bit of a pain to cater for, if you are porting UNIX code. Multiuser 2 will remove these inconsitencies, and extend the multiuser system to integrate with networking software.

Aims

The following list shows the aims for the future of the Multiuser system. The first 5 will probably end up in Multiuser 2

  1. Better UNIX compatibility
  2. Integration with AmiTCP/IP
  3. Better native filesystem support
  4. Complete filesystem security, with the FileSystem enforcer
  5. Plugin system for password encryption, user-authentication, account info storage/retrieval
  6. Memory control - control access to regions of memory. (requires MMU)

Better UNIX Compatibility

Multiuser 2 introduces the concept of Sessions. A session is a group of processes, usually related to a user that has logged in to the system. The session model allows better control over the processes run on a machine, and what they can do. In the future, it might be possible to restrict access to the intuition library for sessions associated with remote logins (via BBS or the internet).

Multiuser 2 also swaps the UID's of root and nobody, to bring them into line with the rest of the UNIX world. The downside is that this will 'break' most of the existing Multiuser-compatible software (it will need recompiling).

Integration with AmiTCP/IP

Most 'Internet Technology' is freely available in source-code form, for UNIX platforms. The ixemul library makes it easy to port the code to run on the Amiga - a good example of this is Apache, the web server.

AmiTCP/IP includes a usergroup.library that also aids in porting internet applications by providing a 'dumb' implementation of user session and credential tracking.

Multiuser 2 will include a replacement for the usergroup.library that routes through to the real multiuser system, thus enabling access control in many internet applications.

So, why is this useful? Consider a telnet server running on an Amiga without the Multiuser system installed. Anyone logged in via the telnet server can format hard-disks and cause trouble for legitimate users. Install multiuser 2, and the telnet server becomes secure by only giving the appropriate privilege level to users logged in.

Better native filesystem support

The term 'Native filesystem' in relation to Multiuser refers to filesystems that have been written to work in conjunction with the Multiuser system to allow secure access to the contents of the partition on which it is installed. Native filesystems are the key to the main part of the multiuser system. Without native filesystem support, it is quite easy (for someone in-the-know) to circumvent the Multiuser security layer and gain access/delete your files.

Currently there are 3 different filesystems that are Multiuser aware. They are MultiUserFileSystem, AmiFileSafe/Professional FileSystem and SFS. Multiuser 2 includes a new set of API functions that will help third-party filesystem developers make their filesystems Multiuser aware and well-integrated with Multiuser.

Also in-development is an Amiga port of the Linux 'Second Extended', or ext2 filesystem. The ext2 filesystem has several advantages over the FastFileSystem in terms of performance and architecture, and since the future of Amiga appears to be Linux based, ext2 seems to be a logical choice for an Amiga HD.

Also planned is a port of the SGI XFS filesystem - probably one of the most advanced filesystems available today. SGI announced that they would be releasing the source for XFS under an OpenSource license for inclusion with the Linux operating system. XFS is also a logical choice for an Amiga HD.

Complete filesystem security, with the FileSystem Enforcer

One of the benefits of installing the MultiuserFileSystem was that you didn't have to format your hard drive and reinstall it's contents. The reason for this is that the MultiUserFilesystem is a patched version of the FastFileSystem. This means the data stored on the disk is in the same format as the FastFileSystem. The patch makes the filesystem consult the multiuser.library to find out if someone is allowed to access a particular file in a particular way.

With the advent of large hard disks, the FastFileSystem had to be rewritten to be able to cope with 64-bit offsets. Unfortunately, due to the way the patch for the original FastFileSystem was created, we do not have the expertise to update the MultiuserFilesystem to work on large hard disks.

We decided that it would be useful to have a way of making an existing filesystem Multiuser aware, without having to patch it. The Filesystem Enforcer was born...

The Filesystem Enforcer intercepts operations on a filesystem at the packet level, and checks with the Multiuser library to see if they should be passed on the filesystem, or rejected

The Filesystem Enforcer will allow you to activate access control for ALL of the volumes on your machine, regardless of the filesystem installed on them.

Plugin system for password encryption, user-authentication, account info storage/retrieval

Multiuser 2 will include an extensible framework that will allow third party extensions to the Multiuser system. The plugin system will allow extensions to the way that password encryption, user authentication and account information are dealt with by the system.

This will allow someone to write a module that allows your Amiga to fit in with networks that use NIS, LDAP etc., without having to rewrite the multiuser system.

Memory control - control access to regions of memory.

Johan came up with this - multiuser can track which process allocated a given block of memory, providing a useful tool for developers.

Couple this resource tracking with a Memory Management Unit (MMU) and Multiuser should be able to enforce access control on regions and/or blocks of memory, based on the privileges of the process and/or relation to the process. Can you say Memory Protection?

This will probably be in Multiuser 3, if there is enough demand.


Hosted by
SourceForge
 
Wez Furlong Thu, 01 Jan 1970 00:00:00 PST