help-hurd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: If QNX is successful, why NOT GNU Microkernels


From: Niels Möller
Subject: Re: If QNX is successful, why NOT GNU Microkernels
Date: 21 Jan 2004 20:53:23 +0100
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2

Olivier Galibert <galibert@pobox.com> writes:

> On Wed, Jan 21, 2004 at 04:30:12PM +0100, Niels Möller wrote:
> > The point of the Hurd is make file systems (as well as some other
> > things that traditionally live in kernel land) fun and *easy* for
> > ordinary users to run, install and hack.

> [1] Very nice, but also lacking a working security model.

As far as I can see, the security is just fine. You can't crash the
kernel or other users processes by installing your own translators. If
you don't trust other user's translators, then don't follow them
(that's what O_NOTRANS is for). Issues are about the same as for
following traditional unix symlinks, and it's about the same kind of
programs that need to care about it. All the more or less broken /tmp
cleaner scripts are the archetypical example.

I'm not sure this is the right place for that discussion, but if you
want to argue that hurd security suck, you will have to explain what
are your security requirements, precisely how the hurd is broken, and
(if you claim traditional unices like linux and bsd are better) how
traditional unix satisfies your security requirements.

I can see some security issues in the current hurd, but they don't
have much to do with translators.

/Niels




reply via email to

[Prev in Thread] Current Thread [Next in Thread]