Re: Supporting POSIX *users*
From: Alfred M. Szmidt
Subject: Re: Supporting POSIX *users*
Date: Thu, 27 Oct 2005 15:17:37 +0200
> open() -- assumes a universally shared, mutable store.
>
> Nothing wrong with that.
There is. It is possible to protect private data from becoming
shared by malicious applications. This is a good thing. What you
need for it is confinement: in that case, a hostile application
which can read your private data cannot share it. A universally
shared mutable store makes confinement impossible, and therefore
giving private data to potentially hostile programs dangerous.
I consider that an absurd level of paranoia totally unsuitable for a
system that you use on a daily basis.
> -- requires use of a known-ineffective access control
> mechanism
>
> How is a bitmask inefficient?
ineffective.
Thanks, the question still remains unanswered though.
> -- most applications have no need to access the file
> system at all!
>
> So don't call it.
Right, you want to secure your system by not making the wrong
syscalls in your code? And why do you think a hostile application
is going to live by that rule?
And by not implementing the `evil syscalls', as I have said repeatedly!
You cannot use a syscall if it doesn't exist. That is what I mean by
don't call it, don't use it, etc.
But a system which only does parts of it is not a POSIX system.
Yes it is, POSIX doesn't mandate that everything must be implemented.
If you still think so after what I just wrote, could you please
explain?
I think I already have explained it. Do not implement the broken
bits.
I think Jonathan will not consider OpenBSD defensible. ;-)
Jonathan won't consider anything defensible other than EROS.
Running untrusted code is useful, and people will do it anyway, no
matter what the consequences are. We can build an operating system
which makes this acceptable, instead of highly dangerous.
We already have such a system.
Let's do that.
Already done, POSIX.