[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Supporting POSIX *users* (was: Re: Does supporting POSIX application

From: Jonathan S. Shapiro
Subject: Re: Supporting POSIX *users* (was: Re: Does supporting POSIX applications require ACLs?)
Date: Thu, 27 Oct 2005 11:33:50 -0400

On Thu, 2005-10-27 at 16:16 +0200, Alfred M. Szmidt wrote:
> You want a absurd
> level of security that is simply not needed for a system that one uses
> on a daily basis.

Based on the number of daily break-ins, this statement is pretty
obviously inconsistent with observed reality. It also is pretty clearly
wrong in the eyes of current international standards such as Common
Criteria and many others. Not the high assurance standards, either. I'm
talking about the *low* assurance standards -- which are generally
agreed to be not good enough for daily commercial use.

So I think that your real objection must be something else. Either:

  1. POSIX is not a securable foundation, but you are unable to let 
     it go, or
  2. You imagine that real security must be horribly invasive
     and therefore unusable.

Which is it?


reply via email to

[Prev in Thread] Current Thread [Next in Thread]