Re: [Gnu-arch-users] Re: arch roadmap 1 (and "what's tom up to")


From: Jeremy Shaw
Subject: Re: [Gnu-arch-users] Re: arch roadmap 1 (and "what's tom up to")
Date: Tue, 06 Jul 2004 15:27:53 -0700
User-agent: Wanderlust/2.10.1 (Watching The Wheels) SEMI/1.14.6 (Maruoka) FLIM/1.14.4 (Kashiharajingū-mae) APEL/10.6 Emacs/21.3 (i386-pc-linux-gnu) MULE/5.0 (SAKAKI)

At Wed, 07 Jul 2004 08:16:37 +1000,
Robert Collins wrote:
> 
> On Wed, 2004-07-07 at 07:27, Jeremy Shaw wrote:
> 
> > (1) You probably don't have a haskell interpreter installed
> > (2) You probably don't trust me to run arbitrary code on your system
> > 
> > But, if tla has a built-in VM, with a reasonable security module, both
> > problems are solved:
> > 
> > (1) I can distribute the script as a pre-compiled byte-code, so even
> >     if you don't have a haskell->furth compiler, you can still run the
> >     script.
> >
> > (2) You can rest assured that my script isn't doing anything malicious
> >     (by only allowing untrusted scripts to execute safe commands in
> >     a sandbox).
> 
> I don't recall seeing sandbox mentioned in Tom's papers. Did I miss it?
> Or are you presuming that that is an intended & desired feature?

I talked with Tom briefly on #arch, and he has given some thought to
handling security in the VM. I don't think the security stuff has been
fully fleshed out yet. Also, the term sandbox may have some very
specific meanings attached to it that I am not aware of, so don't read
too much into that word.

I think the basic model is, the VM will have some way to mark commands
as safe or unsafe. There will also be a way to set which unsafe
commands a program can run on a per-program, per-command basis. This
would allow you to implement a large number of possible security
policies...

Jeremy Shaw.
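The safe/unsafe command marking with per-program grants that Jeremy sketches above, modelled as an added Python example. This is not tla code and not Tom Lord's VM design; every name in it (MiniVM, Policy, the command names, the in-memory tree) is invented for illustration. The point it shows is that a read-only script runs under any policy, an unsafe command runs only for a program explicitly granted it, and a denied call is refused before any side effect and leaves an audit entry.

```python
"""Toy model of a VM that marks commands safe/unsafe and grants unsafe
commands per program.  Added illustration only: not tla, not the furth
VM; all names here are made up."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set, Tuple


class PolicyViolation(Exception):
    """Raised when a program calls an unsafe command it was not granted."""


@dataclass
class Command:
    name: str
    safe: bool                      # safe commands are always allowed
    run: Callable[..., object]


@dataclass
class Policy:
    """Per-program grants: program name -> set of unsafe command names."""
    grants: Dict[str, Set[str]] = field(default_factory=dict)

    def allows(self, program: str, command: Command) -> bool:
        if command.safe:
            return True
        return command.name in self.grants.get(program, set())


class MiniVM:
    def __init__(self, policy: Policy):
        self.policy = policy
        self.commands: Dict[str, Command] = {}
        self.tree: Dict[str, str] = {"README": "hello"}  # constructed stand-in tree
        self.audit: List[str] = []                        # denied calls, for review

    def register(self, name: str, safe: bool, fn: Callable[..., object]) -> None:
        self.commands[name] = Command(name, safe, fn)

    def execute(self, program: str, script: List[Tuple[str, ...]]) -> List[object]:
        """Run a script (list of (command, *args)) on behalf of `program`.
        The policy check happens before the command body runs, so a denied
        call has no side effect."""
        results = []
        for name, *args in script:
            cmd = self.commands[name]
            if not self.policy.allows(program, cmd):
                self.audit.append(f"{program}: denied {name}")
                raise PolicyViolation(
                    f"{program} may not call unsafe command {name!r}")
            results.append(cmd.run(*args))
        return results


def build_vm(policy: Policy) -> MiniVM:
    vm = MiniVM(policy)

    def write_file(path: str, data: str) -> str:
        vm.tree[path] = data
        return "wrote " + path

    vm.register("cat", True, lambda path: vm.tree[path])           # read-only: safe
    vm.register("wc", True, lambda text: len(text.split()))        # pure: safe
    vm.register("write-file", False, write_file)                   # mutates tree: unsafe
    vm.register("shell", False, lambda c: f"would run {c!r}")      # unsafe, never granted here
    return vm


def run_demo():
    # Only the changelog hook may write files; nobody may use "shell".
    policy = Policy(grants={"changelog-hook": {"write-file"}})
    vm = build_vm(policy)
    outcomes = {}
    # A script that only reads runs under any policy.
    outcomes["reader"] = vm.execute("reader", [("cat", "README"), ("wc", "hello world")])
    # The same unsafe command succeeds for the granted program...
    outcomes["hook"] = vm.execute("changelog-hook", [("write-file", "ChangeLog", "entry")])
    # ...and is refused for an ungranted one, before it touches the tree.
    try:
        vm.execute("untrusted", [("write-file", "README", "x"), ("shell", "ls")])
        outcomes["untrusted"] = "ran"
    except PolicyViolation as exc:
        outcomes["untrusted"] = str(exc)
    return outcomes, dict(vm.tree), list(vm.audit)


if __name__ == "__main__":
    for item in run_demo():
        print(item)
```

The grant table is the whole policy: because safe commands bypass it and unsafe ones must be listed per program, widening what an untrusted script may do is always an explicit edit to that table, which is what makes the model easy to review.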
