[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Changing from L4 to something else...
From: |
Yoshinori K. Okuji |
Subject: |
Re: Changing from L4 to something else... |
Date: |
Fri, 28 Oct 2005 04:40:16 +0200 |
User-agent: |
KMail/1.7.2 |
On Thursday 27 October 2005 10:44 pm, William Grim wrote:
> Yeah, possibly. I won't comment on this, because I don't fully understand
> all of the Hurd yet either. I think we should look forward, but we should
> be doing a cost-benefit analysis at the same time and base some of our
> decisions off of it. I can't speak for Alfred, but I think that's what he
> really wants. I think Alfred wishes to remain practical. Not that I think
> anyone else here is impractical, but I think a cost-benefit analysis is a
> practical way to determine if the project can be done in a reasonable
> amount of time with whatever goals we decide.
Exactly.
The recent debate in this list makes me very afraid of a possibility of
extreme cost which never finish in a reasonable amount of time or human
resource. No matter whatever design mistakes the Hurd has, the reason why it
is nearly unusable even after 15 years is that most people have merely
dreamed and never implemented their dreams. Those who have been hanging
around for years, such as Marcus and Alfred, should know this fact. When I
see people talking about an ideal future again and again, I must imagine that
the same destiny would arrive.
What makes me scared the most is security paranoia (I'm sorry for my wording).
Some people tend to desiring 100% security, but it is simply impossible or
not feasible in reality. It is the same question as "How can I avoid a death
with 100% promise?" The only possible answer is "Die. Once you are dead, you
never die."
Security is a matter of a degree. The question is not if it is secure or not,
but how much it is secure. With a good capability system, you may prevent
malicious code from destroying all of your data, but you may not stop it
doing all malicious behaviors, anyway. For example, if a plugin for a browser
is to assist setting up a preference (in fact, there exist several plugins of
this kind for Mozilla), you must allow the plugin to rewrite your
configuration. Then, if the plugin is malicious enough, it can insert a proxy
setting secretly.
I'm not planning to take part in design decisions, simply because I don't have
time to read recent papers. But I wish Marcus and others would take it into
account that the project must be feasible and realistic.
From an "indirect" contributor to Hurd,
Okuji
- Changing from L4 to something else..., Alfred M\. Szmidt, 2005/10/27
- Re: Changing from L4 to something else..., Matheus Morais, 2005/10/27
- Re: Changing from L4 to something else..., Ludovic Courtès, 2005/10/27
- Re: Changing from L4 to something else..., Jonathan S. Shapiro, 2005/10/27
- Re: Changing from L4 to something else..., Alfred M\. Szmidt, 2005/10/27
- Re: Changing from L4 to something else..., William Grim, 2005/10/27
- Re: Changing from L4 to something else..., Alfred M\. Szmidt, 2005/10/27
- Re: Changing from L4 to something else...,
Yoshinori K. Okuji <=
- Re: Changing from L4 to something else..., Jonathan S. Shapiro, 2005/10/27
- Re: Changing from L4 to something else..., Ludovic Courtès, 2005/10/28
- Re: Changing from L4 to something else..., Alfred M\. Szmidt, 2005/10/28
- Re: Changing from L4 to something else..., Jonathan S. Shapiro, 2005/10/28
- Re: Changing from L4 to something else..., Alfred M\. Szmidt, 2005/10/28
- Re: Changing from L4 to something else..., Jonathan S. Shapiro, 2005/10/28
- Re: Changing from L4 to something else..., Alfred M\. Szmidt, 2005/10/28
- Re: Changing from L4 to something else..., Jonathan S. Shapiro, 2005/10/28
- Re: Changing from L4 to something else..., Marco Gerards, 2005/10/30
- Re: Changing from L4 to something else..., Alfred M\. Szmidt, 2005/10/30