Marcus Brinkmann wrote on 08/01/2007 at 04:26:
> Jonathan proposes that we make a paradigm shift in who controls the
> computational resources of a machine. Instead of giving this control
> to the rightful owner of the device, he wants to give this control to
> the authors of the programs and data that is put into these machines.

How is this related to the issue of opaque memory? The mechanism of opaque memory doesn't allow this policy to be implemented in any way. The availability of opaque memory without discrimination to all processes in the system doesn't undermine in any way the control of the rightful owner of the device.

> That is a radical paradigm shift, which is aligned with the interests
> of big businesses but hardly anybody else.

Ross Anderson already pointed out a use of TC that would benefit opponents of big businesses in the building of so-called blacknets.

> > I also had understood that POLA was clearly a goal of the next Hurd.
> POLA is not a goal. It can be a mechanism that achieves a goal, and
> we plan to use it appropriately.

Do we know any other mechanism to achieve that goal? Because if we don't, then logically, POLA will indeed be a goal.

> Note that I do not share Jonathan's pessimism that what I suggest
> inhibits POLA, at least not where we plan to use it.

I had understood that it is desirable to apply POLA everywhere, and that every point where it's not introduces a security risk. Where is it planned to be used, and where is it planned not to be used?

> Linux doesn't do any resource accounting, so how can you tell the
> difference between a setuid program and a daemon except for the
> mechanism of invocation? Similar for the example of a --x file.

You asked for examples of widely deployed OSes. Do you know any example of an OS that does resource accounting and uses transparent memory? (I'm not sure I do)

Curiously,
Pierre
--
[EMAIL PROTECTED]
OpenPGP 0xD9D50D8A
