At Mon, 01 May 2006 21:21:02 -0400, "Jonathan S. Shapiro" <[EMAIL PROTECTED]> wrote: > For programs that are important enough and sensitive enough to justify > the use of unconfined capabilities, this is a bug, not a feature.
Jonathan, to make this a productive and useful discussion, you must listen very carefully to what I say, over the whole length of a complicated discussion. I have said many, many times that I am fine with encapsulation of unconfined programs. I have given two explicit examples: System services and user-to-user communication. Yes, a user should not be able to debug system services, or the programs of other users. In general, without any authority indicating otherwise, I think that a program should only be able to debug its direct children, or their descendants, but not its parents or siblings. It is important that you understand this, so please ask back if the above is unclear in any way. The reason that the above is consistent with my other beliefs is that I do not think that a program needs to instantiate such unconfined programs using its own storage resources. They either already exist, or they are instantiated by somebody else, using somebody elses resources. You think that there are important use cases where these design patterns are not sufficient. But we already are trying to find out if this is the case or not in another thread. > > The system > > should allow debugging by default, and the user should not > > involuntarily give up this right. I believe it should be hard to give > > up these rights,... > > I believe you mean to say: the system should establish complete > disclosure as the default, and should be goddamn close to impossible for > any normal user to do anything about it. > > I can picture the marketing slogan now: > > Hurd: Non-consensual Coed Naked *Everything* > > Well. it will certainly be popular with 13 year olds until they figure > out that they can't get any (ahem) photographic content without the DRM > stuff enabled. This is getting tedious and weary. I am a very patient person, but even that patience can be exhausted. It is stretched by now. Please keep that in mind. At some point you will have to decide if the side attacks are more important to you than the parts of the discussion where we still can be productive. I am interested in getting to a point where we both at least understand where we differ and what the actual core of the disagreement is. To get there, we both have to admit the possibility that the world is complex enough to allow for such differences. As long as you keep insisting that my choice is based on irrationality or absurdity, mutual understanding is not possible. Thanks, Marcus _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
