On 13 March 2011 00:19, David T. Lewis <le...@mail.msen.com> wrote:
> Hi Igor,
>
> I think it is good to make OSPP (and AioPlugin and XDisplayControlPlugin
> where appropriate) available in all distributed VMs, but in some applications
> they provide too much access to the operating system, so it is good to
> have them as external modules so that people who do not want them on
> the system can delete the modules. So I think it is best to treat it
> like FFI, it is there if you want it but can be removed if you are doing
> some sort of application where the user should not have easy access to
> the OS functions.
>

Well, I think for making a secure 'appliance' sort of, a better approach is not to rely on a prebuilt VM, but to build your own, where you can always decide what is secure enough and what's not, and what should be removed/disabled.

Btw, we discussed a bit of this today with Henrik, and the first thing I think people should do in order to make it more secure is to disable the external module loading mechanism. Declaring that the standard VM is more secure if you don't ship it with _external_ modules (like FFI) sounds like a joke.

So, what I'd like to ask is that if everyone feels a day-to-day need for using things like FFI or OSProcessPlugin, we should make it available by default and out of the box. And for those who are concerned with low security, there is always an option to improve it, like hiring people to develop a custom VM based on the default one, where all security problems are addressed properly.

So, I don't see why we should constrain ourselves with things we use and need, only because in the eyes of someone it doesn't look secure enough.

> Dave
>

--
Best regards,
Igor Stasenko AKA sig.