l4-hurd

Re: POSIX


From: Alfred M. Szmidt
Subject: Re: POSIX
Date: Wed, 26 Oct 2005 16:13:43 +0200

     Web browsers
     Email readers
     Word processors
     Document browsers (e.g. acrobat, xpdf, ghostview)

All those run in a jail of sorts: the current user.  What would be
nifty is a way to allow a user to make sub-users, where he can
encapsulate a program and only give write/read access to a specific
directory.  Which is possible to do with any extensive rewrites I
think.

   Each of these runs code written by a very large number of untrusted
   developers, and each downloads "plugins" (or equivalently: can spawn
   local commands at the direction of documents) that I know nothing about.
[...]
   The plugin code very often *is* hostile, and the programs that run
   them very often contain security bugs.

Same thing can be said about kernels.

   On the server side, things are even worse -- for those I need a new
   sub-hurd for every page request that involves any sort of active
   content.

Such paranoia isn't useful for a multi user system, or a single user
system.  All it is is an academic exercise in `intellectual
masturbation'.



