RE: Design principles and ethics
From: Christopher Nelson
Subject: RE: Design principles and ethics
Date: Mon, 1 May 2006 16:51:25 -0600
> On Sun, Apr 30, 2006 at 06:59:22PM -0400, Jonathan S. Shapiro wrote:
> > > > So there is no /sbin/passwd, and it was not considered in the
> > > > question, which about the program accessing a central password
> > > > database (which I agree we should avoid if we can, but that is
> > > > not the point).
> > >
> > > A program that can access a central password database in write-mode
> > > is _not_ confined. It can be run as a system service that is
> > > accessed through a capability, just like any other system service,
> > > if desired.
> >
> > This is not correct. By executing the program the user is authorizing
> > the program to access the password database. The requirement for
> > confinement is that they be able to check in advance whether such an
> > authorization is given.
>
> In the case of trivial confinement, the child implicitly agrees for
> the parent to debug it, because it allows to be started by it. Let me
> put it differently: The child's opinion about this is irrelevant,
> because the child isn't a party in the operation of starting a
> confined process. The parties which are involved are the parent,
> which is the process starting the child, and the instantiator, which
> is the process requesting the startup.
If the child doesn't *want* to be started by any given parent, that's
just tough luck? What you are saying, then, is that *any* program can
be run by *any* other program, and the program which is spawned has no
control over anything?
> If it doesn't, it must refuse to run at all.
How does the child have any guarantees about anything? In other words,
how can it refuse to run?
-={C}=-