Multi-user support

Putting a little order with everything that has been said so far, we could all deduce that more or less we all agree with these basic concepts.

Multi user, it may be useful, but not in the form that other operating systems are abusing it.
It could be useful when they are real users, and possibly, for security reasons, to allow the log-in of only one session at a time, taking into account that haiku is an os for desktop or client side use. Having said that, creating a multi-user system becomes much easier, essentially it involves creating and directing a “home” folder containing all the personal data and personal settings of the applications for each individual user, in addition a level of securityand privacy for each user should obviously be created .

For all the rest we need a modern system of protection of system files, which takes as a strong example the method of different partitions for each level, such as a system level (read only plus armored), an application level (read only but with a possibility to access it in writing more simplified), a general data management level, a personal data management level, so on … such a method remains valid, for a matter of ease of data transfer and recovery of system portions …

Personal applications that are installed in their isolated sandboxes and that can communicate with other applications through API.

Finally, the root level, this must not be considered as a user, essentially the root level must be considered as a use of the system without the armoring of the parts inaccessible to those parts of the system and armored folders, essentially with the root level it must be able to be done what Haiku is already now, where you can do everything, including self-destruct the system.

When you run any kind of software on your computer that you didn’t write yourself, you are basically granting the developer of said software access to all your files. If you don’t have any kind of segmentation of memory or files, then you end up in the same situation as Amiga Workbench, where any software had complete access to anything. The Amiga was plagued with malware and there really wasn’t a good way to protect it against it. I take it that Haiku has Memory protection for this reason. This is a basic feature of any multitasking operating system. Likewise userspace needs to have segmentation of files, otherwise any application can just embed malware into system libraries. It doesn’t have to be user segmentation, it can be some other kind of containerization or limitation. But it is just as much, a basic part of multitasking OS, as memory protection.

multi user is a idea from timeshare computing mainframe systems.

Agreed.
Today most of haiku users are passionate and cautious, being perfectly aware they’re dealing with a stable OS, altough beta, but I’m almost horrified by dreaming lots of kids accessing their parent’s haiku PCs and popping up on this forum crying “I only moved 100 random files icons, now the PC doesn’t boot anymore, why” ?

Hello everyone,

I have just discovered Haiku, and got fascinated by it after watching a couple of Youtube videos about it. So I am totally new to this forum and about to give Haiku a try. Still, I hope you don’t mind that I am adding my 0.02 EUR here already, although I am currently a total newbie to Haiku. I’ll try to keep it simple and short.

So, without further ado, here’s what I think about the topic about multi-user support in Haiku, or not, based purely on my own personal use cases.

1. A minimum of access control, such as a login with username and password is a must-have for me. As long as Haiku is running virtualised, it’s not a big deal, of course. But I am thinking of installing it on an older laptop. In that scenario prevention of unauthorised access to system, applications and data is simply a requirement.
2. Support for multi-factor authentication and pass-keys would be great (maybe for a future release), as an alternate option to user name and password.
3. Full disk encryption would also be not just nice-to-have, but required on a laptop on travels.
4. I have no urgent need for full multi-user support, in the sense that
   a) multiple human users can have accounts on the system and/or that
   b) multiple human users can have simultaneous sessions on the system.
   I’d welcome support for these features, for sure, in a future release, but it’s nothing I’d need immediately or in R1, though.

Keep up the great work!

Hello and welcome to Haiku, on multiuser issue there has been many talks already (you can find them searching the forum here, in short, not in the pipeline so far (main devs can explain this better ).

6 posts were merged into an existing topic: Genode and Haiku

Please don’t make me keep a password that I need to remember to unencrypt my disk.

I use Haiku on a dedicated machine. I also have an iPhone. The one reason I love my iPhone, is that perfectly working thumbprint to unlock the phone. Yes, I know the newer iPhones use FaceID, but they also got rid of the “button”, which was a huge mistake.

If we were to implement multi-user accounts, disk encryption, and a well thought out multi-session scheme, could we please not make the user have to remember a password…

These days, if an App or Site on my phone makes me have a user account with a password, I just ditch the idea immediately and move on to something else.

so is the “password”

With encryption? No. That’s just not possible with biometric authentification.
Not even on the iPhone you mention above, instead it will use a passcode or passphrase for the actual encryption and release it to the OS if you authenticate biometrically (that is why you need to type your pw/code when rebooting the phone)

The reason for this is that encryption and decryption only works with the precise password, that is mathematically it can only work if this is an exact match, biometric authentification cannot provide this, fingerprints slightly change, so does your face and even the iris changes, e.g by dilating. You are extremely unlikely to ever gain the exact same sensor data from these sources for a decryption.

So that leaves basically two options, the first is to Do it like the iPhone, ask for a pw at boot and use biometrics afterwards. (although the iPhone uses a seperate chip for this, on a normal laptop you would be susceptible to an attacker reading the key from RAM) The second option is using a physical key for this instead of a password, it could be something like a yubikey, or something simpler like a usb drive with a specific file on it.

So TL;DR passwords for disk encryption is not something to annoy users with but mathematically required.

From a UI perspective I definetely agree though, linux constantly asks for a password for random stuff, and it has nothing to do with disk encryption. ;(

Come to think of it, I can do without disk encryption as it will only slow my environment down…

With all the multi-user/multi-session interest, I’d like to drop in my $.02 and mention that it should be possible to have more than one session open (i.e. with multiple monitors/keyboard/mouse) all without using passwords.

Imagine a beautiful scene with a father & daughter both using the same Haiku instance, but programming on the same project…why bother with passwords amidst innocence.

Or, imagine playing a game without needing to run it over the wireless, but on the same machine.

As long as you don´t need any other inconvenient thing in place of passwords, like biometric, or 2FA, or whatever.

Depending on the application, one can open two of the same application and work with them in diferent displays, provided the OS suports them, of course.

If not a password, what alternative option are you going to use to decrypt your disk/data?

Almost any other option would likely require some additional complex software infrastructure just to use such a feature.

In my opinion the iPhone is not a very good model of general computing devices, because it’s effectively a closed platform that is locked down pretty tight. Never mind that it’s operating system, APIs etc are developed and maintained solely by a corporate entity which can enforce things being done to a standard and tested thoroughly. You have to jailbreak it to install any software Apple hasn’t reviewed and approved.

7 posts were split to a new topic: Apple encryption choices and similar offtopic stuff

I just wanted to express my disdain for passwords, and realize now that I didn’t express my appreciation for how Haiku does not require a password at all. I would like that to still be an option moving forward.

One can always use a password on Boot or use a key to the power supply box!

Excuse me, but what the uck-fay. I understand that Haiku isn’t built for multi-seat setups (what used to be called mainframes back in the day, where eleventy million people were logged in at once). That’s a UNIX use case, and absolutely shouldn’t be something Haiku is targeted towards. And of course, Haiku isn’t built for server setups either, where services/daemons each have their own fake user. One user per user is fine.

But think of, say, a multimedia production environment, where there’s That One ThinkStation that everybody and their dog takes turns sitting in front of. Sure, one user at a time, but each of these users should have the right to his own “Documents” folder, his own “Pictures” folder, his own “Videos” folder, his own desktop wallpaper, and his own screensaver. And there shouldn’t be any danger of having your toes stepped on by your fellow lusers.

If I own a house, with roommates, we all have a key to the front door, but we also each have our own bedroom, with a door that locks, and just because I’m doin’ the five-knuckle shuffle in my bedroom doesn’t mean that my roommate can’t cook in the kitchen (at the same time, or not).

That’s all that “multi-user support” signifies, or should signify. If you all imagine that I’m one of those people using that ThinkStation, there’s really no reason for me to give one-tenth of a bumblebee’s fart about “elevated privileges”, “root”, “wheel”, “sudo”, all that nonsense, unless I’m the sysadmin, and the question of whether a multimedia operating system needs a sysadmin is for a different discussion.

Sure, if your primary fear is unintentional destruction of data by another luser. What about unintentional access of data (aka, ~/n0rp/)? What about intentional destruction of data (whether the other luser actually intends to destroy it, or just to change it to suit his preference as opposed to yours)?

True security from snooping or destruction by a motivated and malicious remote actor (which is what “cybersecurity” has become largely synonymous with today) is a whole other kettle of fish, and really deserves its own thread, not co-opting “multi-user support”. I’m talking about preventing the average office idiot from accessing your files.

All the capabilities that allow you to do the latter, will also allow you to do the former—unless the OS is specifically written to prohibit multi-seat, which I don’t think it should be. But we certainly don’t need to prioritise remote access/multi-seat; in fact, we should explicitly discourage this. If someone wants to make a multi-seat setup, they should consider UNIX, which was written specifically for that use case.

I agree wholeheartedly.

So’s the Internet. Nobody’s proposing abolishing that.

What form of darknet or VPN tunnel could be used to replace the internet?

It’s true, nowadays is basic in every Windows / Linux version to have the possibility of creating multiple users for a PC, each one with their own configuration (more advisable if several people in a home share the PC). I think that should definitely be implemented in Haiku.

It is easier to use multiple partitions in HAIKU!