Hello, I've been lurking on the list for a while and I'd like to post this note to share my point of view. You may find it pedestrian, but many posts have become very philosophical and fundamental-elaborate-logic oriented. Sometimes it is even hard to follow, so please bear in mind that I may not be sufficiently "educated" to participate in that discussion.
On TC. The TC issue has come back to the frontline, and it has even been mentioned that it may become unavoidable on the near-future hardware. I want to remind strongly that the Hurd will be Free Software. Not that I disprove or dismiss the use of TC for OS verification, nor that it should be forbidden to use TC feature for Free Software because it is "Free Software". But I really think that FS will never be able to use TC for OS verification, the weak reason being that TC will be controlled by entities unfriendly to FS (if there is some certification step required), and the stronger reason being that FS would lose one of its biggest interests, namely the ability for anybody to change it. Most of the people on this list and many people who want or need to set up machines with shared access will want to tune it to their needs, or just recompile their own version because they like it. On these grounds, if TC made it possible for a user to check which OS is running on a machine and if it is of a "trusted" kind, this ability clearly becomes void.
On protection against the machine owner. My assumption is that there is really no way to protect against the machine owner. He does what he wants with his hardware. If he likes making a frying pan with his CPUs, he can, if he wants to make some usable server for his users, he can, if he wants to spy on them, he can. He can even make a system that looks like what users usually think is not intrusive and spy on them anyway. Then protecting against the installer's or administrator's incompetence or malice is really useless, because you never know what the owner, against which it is impossible to protect, is doing. In fact, users should not be protected against the administrator, or any user that has received some authority by the owner. This is the owner's business. He may want to split responsibilities among many users or concentrate the powers in one user's hands (certainly his).
Protection is necessary to isolate users of the same rank. It is totally useless to try to protect them from anything else. However, an interesting goal is to enable them to do most of the things they want to do without the explicit consent of any administrator (and this is no kind of protection).
And this post is long enough for now...
JC
--
Since the content and apparent authors of e-mails are easily forged, I strongly encourage my correspondents to use digital signature software (see: www.gnupg.org)
_______________________________________________
L4-hurd mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/l4-hurd
