[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [GSoC] Virtualization Using Hurd Mechanisms
|
From: |
Pierre Thierry |
|
Subject: |
Re: [GSoC] Virtualization Using Hurd Mechanisms |
|
Date: |
Thu, 12 Apr 2012 18:36:09 +0200 |
|
User-agent: |
Mutt/1.5.21 (2010-09-15) |
Scribit Ludovic Courtès dies 12/04/2012 hora 14:56:
> > Story #3 is basically a POLA launcher and the option is a powerbox.
> What about adding an option to make Bash work like Plash [0] on GNU?
That is actually one of my goals in doing this project. That's one of
the next steps…
I think it would actually need a lot of work on the UI to get it
right. As I soon discovered when working with capabilities (and, in
fact, security as a whole), the UI is really paramount.
I really like the "no click for security" criterion from Alan Karp's
work at HP. Having a shell that is naturally secure would fit it, but
would not be trivial to do, I suppose (think make or latex). Adding
some light syntactic sugar to do it plash-like may be manageable task,
though, if the underlying system is already able to easily enforce
POLA.
Curiously,
Pierre
--
pierre@nothos.net
OpenPGP 0xD9D50D8A
signature.asc
Description: Digital signature