Re: Linux/HURD security and virtual machines

To: Edmund GRIMLEY EVANS <edmundo@rano.demon.co.uk>
Cc: debian-hurd@lists.debian.org
Subject: Re: Linux/HURD security and virtual machines
From: Michele Bini <mibin@tin.it>
Date: Thu, 22 Oct 1998 17:06:31 +0200
Message-id: <[🔎] 19981022170631.A1181@tin.it>
In-reply-to: <[🔎] 362E0CEC.FEAA1775@rano.demon.co.uk>; from Edmund GRIMLEY EVANS on Wed, Oct 21, 1998 at 05:33:48PM +0100
References: <[🔎] Pine.LNX.3.96.981021170421.3035C-100000@pear.presence.net.uk> <[🔎] 362E0CEC.FEAA1775@rano.demon.co.uk>

On Wed, Oct 21, 1998 at 05:33:48PM +0100, Edmund GRIMLEY EVANS wrote:
> I suppose the thing I like least about UNIX is the way every program I
> run automatically receives permission to do everything I can do, e.g.
> delete all my files, send mail on my behalf, etc, etc. Also, there is
> nothing like a "virtual machine": portability of programs can not be
> enforced because every program can examine its environment and decide
> to fail if certain files exist on the system or whatever. This second
> issue is a consequence of the first one, of course: every program
> unnecessarily receives permission to examine the system it is running
> on.

Not actually true, you can write a libc-wrapper library to
limit the accessibility of the system.
fakeroot is an example, it makes the program believe to be root
in some cases, by using a libc wrapper.
Of course, things would be much better if the operating system
itself supported this.

-Michele

Reply to:

References:
- Re: Linux binaries on HURD
  - From: Jules Bean <jmlb2@hermes.cam.ac.uk>
- Linux/HURD security and virtual machines
  - From: Edmund GRIMLEY EVANS <edmundo@rano.demon.co.uk>

Prev by Date: Re: Linux binaries on HURD
Next by Date: Re: Linux/HURD security and virtual machines
Previous by thread: Linux/HURD security and virtual machines
Next by thread: Re: Linux/HURD security and virtual machines
Index(es):
- Date
- Thread