Re: Part 2: System Structure

[Marcus Brinkmann]

At Mon, 15 May 2006 03:12:22 +0200,
Pierre THIERRY <address@hidden> wrote:
> > All of this is technically possible, but the complexity is inherent in
> > the goal.
> 
> But maybe there are some goals that we should support that fit in this
> use case.

There may be.

> Just check every setuid/setgid executable in a system with a
> fairly large number of packages installed and check how you would deal
> with it...

I did this once, and couldn't find any program that posed a serious
problem.

> If you intend to have Hurd-NG used on typical desktop systems with
> typical people (that is, that might want reliable competition software
> on their system), then you have a problem here, I think.

I have no evidence that typical people want "reliable competition
software on their system".  I have evidence that people trust each
other to not submit bogus data, for example web sites where you just
send in screenshots of your score, or forums where they just post
their stats.  I have also evidence that in the cases where a
competition happens, there are other ways to achieve it that are not
intrusive, for example logic games where you just send in the complete
solution that can be verified.  I also have plenty of evidence that
people want to cheat sometimes: they are even paying money for
magazines or hardware (like the modules for the C64, back then) to
allow them to cheat.  In fact, cheat sheets are a regular part of any
computer magazines covering games since at least the early 80s.

Look, I have very little sympathies for the problems faced by people
who want to compare their mine sweeper high scores but don't trust
each other enough to not cheat in the process.  Even if we would do
everything you suggested so far, you _still_ wouldn't know if one of
the players doesn't cheat.  It's in fact impossible to know, unless
you have a nurse take a drug test and have a police man watch the
player at all times during playing.  I could set up a camera and a
robot which plays the game for me, much better than I ever could.  And
you would not be able to tell.

> I also have 73 of them in {,/usr}/{s,}bin, though many of them are
> either abusive use of setuid/setgid or unnecessary in Hurd-NG, like
> mount or ping.
>
> There are some terminal emulators in them, which maybe fit the use case:
> they write utmp data. I don't know if it is of any importance for
> Hurd-NG.

It depends on what you want to log with the utmp data.  There is a
portion of information that can be gathered by the terminal login
manager.  There is another portion of the login data that would have
to be volunteered by the user.  The terminal capabilities can include
a capability to write this voluntary data.
 
Thanks,
Marcus