> Or, perhaps, to allow libraries to (in some way) have privileges that > are distinct from the applications with which they're bound. I know > of no actual way to *do* that, but it seems to match the boundaries in > this design and possibly others.
I know of no way to do that either. I can't see a way to satisfy the security goals that privileges are intended to address without also exposing aspects of the implementation, and in turn holding the system's stability hostage to changes to those implementation details. > The real issue I see with this proposal, though, is the conflation of > UDP send and receive with TCP connect and accept. I don't think the > ideas are really the same. So, I'd be somewhat in favor of having a > big "network / don't network" switch, though with the issues around > loopback and IPCs, I'm still a bit unclear on exactly what networking > actually is. ;-} Indeed. -- meem _______________________________________________ networking-discuss mailing list [email protected]
