Scribit Michal Suchanek dies 19/05/2006 hora 15:03: > >> Currently, I am root on my computer. There is no way you can let > >> me run a program on a GNU/Linux machine where I am root without > >> allowing me to see the binary. > >Would that be different when you are the owner on the > >constuctor-based system? I don't think so. > It will be much more difficult for the machine owner,
Why? It has many times been said that only TC could make it really impossible, and never that without it would even be hard. When you install the system, you do whatever you want with it, and nothing forces you to give up the capabilities to any part of the TCB... > With the (opaque) constructor based system you can write a loader that > is downloaded by the user, executes in opaque storage, verifies that, > and downloads the actual program into its opaque storage. I'm not sure it is possible if the user is downloading it. How does an external (that is, downloaded) program would know that the capability it is given to check opacity is not faked? Curiously, Nowhere man -- [EMAIL PROTECTED] OpenPGP 0xD9D50D8A
signature.asc
Description: Digital signature
_______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
