[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: POSIX
|
From: |
Alfred M\. Szmidt |
|
Subject: |
Re: POSIX |
|
Date: |
Wed, 26 Oct 2005 15:35:00 +0200 |
I am not sure exactly what is included in a sub-hurd, but I infer
that it is a more comprehensive extension of a chroot-jail.
A sub-hurd is a sub-system on top of the parant system.
If the sub-hurd is going to be the basic mechanism of security,
then EVERY new execution of every application should be
performed in a freshly instantiated sub-hurd.
You are assuming that each and every application is hostile, that
isn't the case. If you have something that can be considered hostile
(say, something that needs root privs), you can run it in a seperate
enviroment. Enclosing each and every process into its own jail-like
enviroment is beyond absurd.
- Re: POSIX (was: Re: Let's do some coding :-) ), (continued)
- Re: POSIX (was: Re: Let's do some coding :-) ), Alfred M\. Szmidt, 2005/10/25
- Re: POSIX (was: Re: Let's do some coding :-) ), Marcus Brinkmann, 2005/10/25
- Re: POSIX, olafBuddenhagen, 2005/10/25
- Re: POSIX, Marcus Brinkmann, 2005/10/26
- Re: POSIX, Bas Wijnen, 2005/10/26
- Re: POSIX, Alfred M\. Szmidt, 2005/10/26
- Re: POSIX, Bas Wijnen, 2005/10/26
- Re: POSIX, Alfred M\. Szmidt, 2005/10/26
- Re: POSIX, Alfred M\. Szmidt, 2005/10/26
- Re: POSIX, Jonathan S. Shapiro, 2005/10/26
- Re: POSIX,
Alfred M\. Szmidt <=
- Re: POSIX, Jonathan S. Shapiro, 2005/10/26
- Re: POSIX, Alfred M\. Szmidt, 2005/10/26
- Re: POSIX, Bas Wijnen, 2005/10/26
- Re: POSIX, Alfred M\. Szmidt, 2005/10/26
- Re: POSIX, Jonathan S. Shapiro, 2005/10/26
- Re: POSIX, Ronald Aigner, 2005/10/26
- Re: POSIX, Jonathan S. Shapiro, 2005/10/26
- Re: POSIX, Alfred M\. Szmidt, 2005/10/27
- Re: POSIX, Jonathan S. Shapiro, 2005/10/27
- Re: POSIX, Alfred M\. Szmidt, 2005/10/27