[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Supporting POSIX *users* (was: Re: Does supporting POSIX application

From: Bas Wijnen
Subject: Re: Supporting POSIX *users* (was: Re: Does supporting POSIX applications require ACLs?)
Date: Wed, 26 Oct 2005 14:59:24 +0200
User-agent: Mutt/1.5.11

Ok, if you all cool down a bit (where "you all" is mostly Alfred and
Jonathan), let me point out that you seem to want the same:

Alfred says we should use most of POSIX, but not the features which are

Jonathan says we should not use the POSIX features which are insecure, but
does not say anything about the rest.  To me it seems he doesn't mind using

So how about we agree on this and have a constructive discussion instead of a
flame war?

Thank you for your attention.

On Wed, Oct 26, 2005 at 01:42:33PM +0200, Alfred M. Szmidt wrote:
> Let me elaborate instead, since Jonathan has comprehension
> difficulties
>    >    I don't see a way to start with POSIX and then improve it from
>    >    there.  POSIX has inherent insecurities built in.  There are
>    >    not many, but [...]
>    > 
>    > So simply ignore those insecuritites.
>    Oh yes. That has worked *so* well for Microsoft.
> But not _adding_ those insecuritites, 90% of POSIX is damn good, and
> has nothing to do with security, and is merly a API for writting
> portable programs.  The remaining 10% have to do with some bits of
> security, uid's and file permissions.  These bits can be _ignored_ and
> something different implemented on instead.  Just like not
> implementing chroot(), and using something different that is secure.
> But you knew that and had to start a flame instead, and make absurd
> claims that all of POSIX is inherently insecure, when in reality it
> the majority of POSIX is totally irrelevant to implementing a secure
> operating system.
> _______________________________________________
> L4-hurd mailing list
> address@hidden
> http://lists.gnu.org/mailman/listinfo/l4-hurd

I encourage people to send encrypted e-mail (see http://www.gnupg.org).
If you have problems reading my e-mail, use a better reader.
Please send the central message of e-mails as plain text
   in the message body, not as HTML and definitely not as MS Word.
Please do not use the MS Word format for attachments either.
For more information, see

Attachment: signature.asc
Description: Digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]