[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
address@hidden: Re: Part 2: System Structure]
|
From: |
Bas Wijnen |
|
Subject: |
address@hidden: Re: Part 2: System Structure] |
|
Date: |
Fri, 26 May 2006 09:19:22 +0200 |
|
User-agent: |
Mutt/1.5.11+cvs20060403 |
As requested by Jonathan, here's his e-mail (and my answer) from yesterday.
----- Forwarded message from Bas Wijnen <address@hidden> -----
Date: Thu, 25 May 2006 19:19:58 +0200
From: Bas Wijnen <address@hidden>
To: "Jonathan S. Shapiro" <address@hidden>
Subject: Re: Part 2: System Structure
I suppose you meant to send this to the list?
I did already answer your question though. ;-) If you use attestation, then
it will fail within a sub-Hurd. And it should, too. So if the program
insists on running on opaque memory, it will insist on not running inside a
sub-Hurd. If we really want, we could make a special system-provided
sub-Hurd-on-opaque-memory which is trusted (and thus can work with
attestation). Not that we want to support attestation in the Hurd, but you
might want to support sub-Hurd-like behaviour in Coyotos-OS.
Ps: If you did indeed mean to send this to the list, feel free to include this
reply.
On Thu, May 25, 2006 at 09:57:08AM -0400, Jonathan S. Shapiro wrote:
> > > ... the programmer is not an entity which needs protection by the system.
> >
> > This is precisely the point on which we disagree. Some of the
> > applications that I have in mind are *exactly* applications where the
> > programmer's interests require protection by the system from the
> > administrator.
>
> But he's not going to get it anyway. If the system doesn't allow installing a
> wrapper to cheat the program, he can still alter the code before installing
> it.
>
>
> I am assuming current (next week) generation hardware, which includes
> attestation. Even if it only supplies secure storage, binary alteration can
> be precluded.
>
> shap
--
I encourage people to send encrypted e-mail (see http://www.gnupg.org).
If you have problems reading my e-mail, use a better reader.
Please send the central message of e-mails as plain text
in the message body, not as HTML and definitely not as MS Word.
Please do not use the MS Word format for attachments either.
For more information, see http://129.125.47.90/e-mail.html
----- End forwarded message -----
--
I encourage people to send encrypted e-mail (see http://www.gnupg.org).
If you have problems reading my e-mail, use a better reader.
Please send the central message of e-mails as plain text
in the message body, not as HTML and definitely not as MS Word.
Please do not use the MS Word format for attachments either.
For more information, see http://129.125.47.90/e-mail.html
signature.asc
Description: Digital signature
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- address@hidden: Re: Part 2: System Structure],
Bas Wijnen <=