l4-hurd
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hurdish applications for persistence

From: Marcus Brinkmann
Subject: Re: Hurdish applications for persistence
Date: Thu, 13 Oct 2005 11:32:01 +0200
User-agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.7 (Sanjō) APEL/10.6 Emacs/21.4 (i386-pc-linux-gnu) MULE/5.0 (SAKAKI) 
At Thu, 13 Oct 2005 11:15:21 +0200,
Alfred M Szmidt wrote:
> 
>    Actually, any kind of security would already be good enough for me.
> 
> Then why not `not use chroot(), and use sub-hurd'?

Why not use a second machine?  As I said previously, I want security
while sharing selectively.

>    I read your other mail in response to mine.  I see many claims in
>    it, but no arguments.  Thus, I can't response beyond what I already
>    said on the issue, which I won't repeat.
> 
> I don't see any claims in my messages.  Maybe you should reread it,
> and the previous ones.

One of the claims is that chroot() is insecure.  But it's not chroot()
that's insecure in todays systems, it's the rest of the system that
is.

In fact, this goes double for the Hurd: The chroot() itself works.
Shadow parents on directory capabilities work.  It's the rest of the
system that leaks the authority, not the reparented directory.

This is not a play with words.  I am not trying to have a discussion
about chroot().  I am trying to have a discussion about the rest of
the system.  You keep ignoring that topic.  The best you can offer is
to use a completely different system, which works, and often is an
acceptable solution on purely practical terms, but offers no insight
whatsoever into the question how to be secure _and_ share.

Thanks,
Marcus
reply via email to
[Prev in Thread] Current Thread [Next in Thread]