Scribit Marcus Brinkmann dies 08/01/2007 hora 02:24: > I note that the EROS space bank is hierarchical as well, and it does > not inhibit POLA either.
Because of the use of the constructor, I thought EROS space bank was clearly not hierarchical. > I also want to point out that today most systems deployed do not > implement POLA, and thus the harm, if it exists at all, is at most > opportunistic. That depends on the point of view. If we plan to do as bad as others do, yes, the harm is only potential. But if we have as a goal to build a secure system and end up with a system not significantly better than the existing ones, this would be a failure. I also had understood that POLA was clearly a goal of the next Hurd. > However, please note that virtually all systems widely deployed today > do have "transparent memory", do you know any exceptions? I may use one everyday: Linux. It seems I can't debug a program that I have the right to execute but not to read. I'm pretty sure that a setuid program I can execute is totally impossible to debug or monitor. Curiously, Pierre -- [EMAIL PROTECTED] OpenPGP 0xD9D50D8A
signature.asc
Description: Digital signature
_______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
