Re: Part 2: System Structure

[Pierre THIERRY]

Scribit Michal Suchanek dies 19/05/2006 hora 15:03:
> >> Currently, I am root on my computer.  There is no way you can let
> >> me run a program on a GNU/Linux machine where I am root without
> >> allowing me to see the binary.
> >Would that be different when you are the owner on the
> >constuctor-based system? I don't think so.
> It will be much more difficult for the machine owner,

Why? It has many times been said that only TC could make it really
impossible, and never that without it would even be hard. When you
install the system, you do whatever you want with it, and nothing forces
you to give up the capabilities to any part of the TCB...

> With the (opaque) constructor based system you can write a loader that
> is downloaded by the user, executes in opaque storage, verifies that,
> and downloads the actual program into its opaque storage.

I'm not sure it is possible if the user is downloading it. How does an
external (that is, downloaded) program would know that the capability it
is given to check opacity is not faked?

Curiously,
Nowhere man
-- 
address@hidden
OpenPGP 0xD9D50D8A

signature.asc
Description: Digital signature