Re: POSIX

[Alfred M\. Szmidt]

   >      Web browsers
   >      Email readers
   >      Word processors
   >      Document browsers (e.g. acrobat, xpdf, ghostview)
   > 
   > All those run in a jail of sorts: the current user.  What would
   > be nifty is a way to allow a user to make sub-users, where he can
   > encapsulate a program and only give write/read access to a
   > specific directory.  Which is possible to do with any extensive
   > rewrites I think.

   Typo: I believe you meant to write "... *without* any extensive
   rewrites"

Correct.

   I do not believe so. The difference is that with a kernel I know
   where the kernel came from and so do a lot of other users. If the
   kernel screws the users, they have a decent chance to figure this
   out and abandon the system. Also, kernels are well known to be
   sources of vulnerability and they get inspected.

History shows that people are not interested in hacking kernels, they
hack on programs.  If the opposite was true, then someone would have
fixed the driver madness in Mach or improved IO access in the
Hurd/Mach.

   And if it is a purely "academic" exercise, can you explain why
   KeyKOS has *never* been hacked over 25 years in production use? And
   yes, there have been attempts.

It must be really bad if nobody has hacked on it in 25 years.  But
maybe you meant cracked, in that case, how do you know? You simply
cannot know.