[EMAIL PROTECTED] (Dan Sugalski) writes: [...]
> #s 3&4 deal with security. This... this is a dodgier issue. Security's > easy to get wrong and hard to get right. (Though quotas are > straightforward enough. Mostly) And once the framework's in place, > there's the issue of performance--how do we get good performance in > the common (insecure) case without sacrificing security in the secure case? You might wish to consider a modular design here, similar to linux 2.6's security modules (LSM) http://www.nsa.gov/selinux/papers/module/x47.html IMO, the advantage would be that parrot apps will have a better idea of what security model is appropriate. So if the modular security hooks can be made cheap enough, the more vexing security/performance tradeoffs can be left up to the parrot apps. No clue how to achieve this though- just a thought from a member of the peanut gallery. -- Joe Schaefer
