[EMAIL PROTECTED] (Dan Sugalski) writes:
[...]
#s 3&4 deal with security. This... this is a dodgier issue. Security's easy to get wrong and hard to get right. (Though quotas are straightforward enough. Mostly) And once the framework's in place, there's the issue of performance--how do we get good performance in the common (insecure) case without sacrificing security in the secure case?
You might wish to consider a modular design here, similar to linux 2.6's security modules (LSM)
http://www.nsa.gov/selinux/papers/module/x47.html
IMO, the advantage would be that parrot apps will have a better idea of what security model is appropriate.
Well... maybe.
Parrot apps don't get a whole lot of say here--this is more on the order of OS level security. Not that it makes a huge difference, of course.
I'm not familiar with the new linux system, and I'm not *going* to get familiar enough with it to make any sensible decisions, so I think I'd prefer to stick with a system I'm comfortable with and that I know's got a solid background. (So at least any problems are a matter of implementation rather than design -- those, at least, are fixable)
--
Dan
--------------------------------------"it's like this"------------------- Dan Sugalski even samurai [EMAIL PROTECTED] have teddy bears and even teddy bears get drunk