[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: inheritable file system objects, part 1: security



> >Security isn't it:  Any program that's useful
> >is going to be able to pull the same kind of 
> >nonsense on Inferno that trojans &c pull today.
> 
> Not so. Controlling functionality visible for any program/process
> through stack directories (they call them unions in Inferno, I thought
> the Plan 9 term "stack directory" captured the essence of this object
> inheritance mechanism) is a novel, patented mechanism. Suppose you have
> a program which downloads anonymous code (the worst case). You might
> want to give it:

And if I was running any number of operating systems, I could test that
program in a user account with reduced permissions.  The truth is,
consumers aren't going to put up with that nonsense -- theyo're going to
put their files wherever is convenient, which doesn't include playing
security games.

If you can manipulate files, you can blow them away.  Java is next to
useless because of the inability to store files locally.  Security
capabilities don't mean anything if people don't use them, and *consumers*
using *consumer devices* wont be doing ss, they'll be storing their files
wherever.

Security is available today, if you want it.
Consumers don't use it when it's available.
: Inferno will not be any safer in practice than anything else.

RSR