Re: Restricted storage

[Pierre THIERRY]

Scribit Jonathan S. Shapiro dies 30/05/2006 hora 10:04:
> Read permission on capabilities implies transitive write permission.

OK. Would it be possible then to have to sets of permissions:
read/write, read-only and nothing for data pages, and read and nothing
for capability pages?

> > I wonder if a write notice flag could be interesting. [...]
> This notice generally comes too late to be any good -- the horse has
> already left the barn.

I was fearing to come to that conclusion...

> Also, it requires dynamic monitoring that is generally agreed to be
> too expensive in practice. A comparable technique has sometimes been
> used to handle dynamic security level tainting in MLS systems.

For he sake of my curiosity, would the removable proxy idea I sketched
before be possible in Coyotos? Would it still be too expensive that way?

> > Then again, this breaks Flexibility.
> I have seen several references to the "Flexibility" design goal. Is
> this goal described somewhere?

http://hurd.gnufans.org/bin/view/Hurd/RequirementsForUser#FlexibilityRequirement

Curiously,
Nowhere man
-- 
address@hidden
OpenPGP 0xD9D50D8A

signature.asc
Description: Digital signature