As requested by Jonathan, here's his e-mail (and my answer) from yesterday.
----- Forwarded message from Bas Wijnen <[EMAIL PROTECTED]> ----- Date: Thu, 25 May 2006 19:19:58 +0200 From: Bas Wijnen <[EMAIL PROTECTED]> To: "Jonathan S. Shapiro" <[EMAIL PROTECTED]> Subject: Re: Part 2: System Structure I suppose you meant to send this to the list? I did already answer your question though. ;-) If you use attestation, then it will fail within a sub-Hurd. And it should, too. So if the program insists on running on opaque memory, it will insist on not running inside a sub-Hurd. If we really want, we could make a special system-provided sub-Hurd-on-opaque-memory which is trusted (and thus can work with attestation). Not that we want to support attestation in the Hurd, but you might want to support sub-Hurd-like behaviour in Coyotos-OS. Ps: If you did indeed mean to send this to the list, feel free to include this reply. On Thu, May 25, 2006 at 09:57:08AM -0400, Jonathan S. Shapiro wrote: > > > ... the programmer is not an entity which needs protection by the system. > > > > This is precisely the point on which we disagree. Some of the > > applications that I have in mind are *exactly* applications where the > > programmer's interests require protection by the system from the > > administrator. > > But he's not going to get it anyway. If the system doesn't allow installing a > wrapper to cheat the program, he can still alter the code before installing > it. > > > I am assuming current (next week) generation hardware, which includes > attestation. Even if it only supplies secure storage, binary alteration can > be precluded. > > shap -- I encourage people to send encrypted e-mail (see http://www.gnupg.org). If you have problems reading my e-mail, use a better reader. Please send the central message of e-mails as plain text in the message body, not as HTML and definitely not as MS Word. Please do not use the MS Word format for attachments either. For more information, see http://129.125.47.90/e-mail.html ----- End forwarded message ----- -- I encourage people to send encrypted e-mail (see http://www.gnupg.org). If you have problems reading my e-mail, use a better reader. Please send the central message of e-mails as plain text in the message body, not as HTML and definitely not as MS Word. Please do not use the MS Word format for attachments either. For more information, see http://129.125.47.90/e-mail.html
signature.asc
Description: Digital signature
_______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
