[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A niche for the Hurd - next step: reality check
|
From: |
Arne Babenhauserheide |
|
Subject: |
Re: A niche for the Hurd - next step: reality check |
|
Date: |
Fri, 21 Nov 2008 05:17:33 +0100 |
|
User-agent: |
KMail/1.10.3 (Linux/2.6.25-gentoo-r7; KDE/4.1.3; x86_64; ; ) |
Am Donnerstag 20 November 2008 23:36:40 schrieb Michal Suchanek:
> Still you should get as much security as practical because you never
> know in advance what is a threat, and it's the default barriers on
> which you rely for mitigating yet unidentified threats. The UNIX
> concept simply does not make security practical. Or at least I have
> not seen an extension to it that does.
How about the subdo idea?
Just open all applications with a reduced permission set and add the option of
giving additional permissions.
You can do permissions much more practical, for example not allowing any
writes except for specific programs.
Or just oneshot permissions: "OK, now you'll be in group X for 1 minute / your
next action"
(though "your next action" is hard to measure)
Best wishes,
Arne
--
-- My stuff: http://draketo.de - stories, songs, poems, programs and stuff :)
-- Infinite Hands: http://infinite-hands.draketo.de - singing a part of the
history of free software.
-- Ein Würfel System: http://1w6.org - einfach saubere (Rollenspiel-) Regeln.
-- PGP/GnuPG: http://draketo.de/inhalt/ich/pubkey.txt
signature.asc
Description: This is a digitally signed message part.
Re: A niche for the Hurd - next step: reality check, olafBuddenhagen, 2008/11/19
Re: A niche for the Hurd - next step: reality check, Esben Stien, 2008/11/18
Re: A niche for the Hurd - next step: reality check, Arne Bab., 2008/11/27