On Wed, May 24, 2006 at 07:02:30PM +0200, Tom Bachmann wrote: > Pierre THIERRY wrote: > > If it is from your parent, you cannot trust it. > > > > > Because the existance of a child process is completely defined by its > > parent, its understanding of what is secure, what its needs are, what > > is "external" to itself and what is internal, etc, is completely > > defined by the parent as well. > > (from marcus initial mail on this subject)
While this is certainly relevant, it doesn't quite answer his problem. Marcus was speaking about trivial confinement here, which means the parent is the process providing both the code and the space bank. In this case the space bank is provided by a third party, and the one providing it is (confusingly, IMO) called the parent (so the parent does *not* provide the code). It can still be trusted though, because it is the user session, which is part of the TCB. Thanks, Bas -- I encourage people to send encrypted e-mail (see http://www.gnupg.org). If you have problems reading my e-mail, use a better reader. Please send the central message of e-mails as plain text in the message body, not as HTML and definitely not as MS Word. Please do not use the MS Word format for attachments either. For more information, see http://129.125.47.90/e-mail.html
signature.asc
Description: Digital signature
_______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
