From: "Dmitry A. Kazakov" <mailbox@dmitry-kazakov.de>
Subject: Re: For the AdaOS folks
Date: Tue, 4 Jan 2005 10:59:45 +0100
Date: 2005-01-04T10:59:45+01:00 [thread overview]
Message-ID: <24hf82mgtexu$.c07xlxejxm1c$.dlg@40tude.net> (raw)
In-Reply-To: z7iCd.15318$Y_4.1372013@read2.cgocable.net
On Mon, 03 Jan 2005 15:44:17 -0500, Warren W. Gay VE3WWG wrote:
> Dmitry A. Kazakov wrote:
>>
>> But in our hypothetical OS each possible way of access will be represented
>> by some safe system object. These objects, when properly designed will
>> provide necessary administrative services.
>
> If you are a night watchman for a Mall, which situation makes it
> easier to sleep at night when you've locked up and gone home?
>
> 1. A mall with one or two doors on the outside to be
> locked and checked.
> 2. A mall with thousands of doors on the outside to be
> locked and checked.
>
> The answer is obvious. Sure, it is ok for other doors to exist
> inside the mall (for each store), which can be locked, but it
> only makes sense to choke the security at a minimal number
> of points.
But you can approach the problem in other ways. You could change people to
make impossible for somebody to steal. You could make objects unusable when
stolen etc.
>> Do you have one "gate" for hard drive I/O?
>
> Yes, actually. The kernel controls the issuing of the IDE
> commands, so that no process can permanently destroy the
> IDE drive (which can be done, if certain commands are issued).
> Not to mention that partition scope(s) must be enforced.
It is no different from handling TCP/IP sockets. So the problem lies
elsewhere above. Anybody may try to open a file.
> File systems mitigate access to the thousands of objects
> that exist within the file system. In a hierarchical system
> of directories, you have upper levels of choke points (in
> parent directories), as well as the ability to control
> access on the object itself.
Yes, that is the point. Files are primitive, but objects. It is much easier
to enforce security in a hierarchical system than in a flat sea of
unstructured data.
>> Do you need a firewall to tunnel open/close/read/write to floppy
>> drives? It would be nonsense.
>
> Maybe its not your floppy. Maybe it belongs to
> another user (perhaps a student/coworker/spouse).
But how a tunnel might help with that? It does not know who is the owner.
>> The problem is that network protocols do not
>> have safety of a file system.
>
> A file system is confined.
Come on, there were multi-user OSes before Windows. Even UNIX pretended to
be one.
> A network is exposed by
> definition. That is the element that makes network
> security so difficult. It has very little to do
> with which came first.
>
>>>Even at home, there is much more safety in doing things this way.
>>
>> It an imaginary safety.
>
> Not at all. While it is not the entire answer to network
> security, you court disaster without one. You will not find
> one network security expert to suggest what you are promoting.
Sure, why should they kill a hen carrying the gold eggs? (:-)) Did you ever
hear from any company selling anti-virus software that the only problem
with viruses is OS?
--
Regards,
Dmitry A. Kazakov
http://www.dmitry-kazakov.de
next prev parent reply other threads:[~2005-01-04 9:59 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-12-27 5:09 For the AdaOS folks Wes Groleau
2004-12-27 10:56 ` Florian Weimer
2004-12-27 12:50 ` Georg Bauhaus
2004-12-27 13:12 ` Florian Weimer
2004-12-28 1:18 ` Wes Groleau
2004-12-27 13:46 ` Adrien Plisson
2004-12-27 16:28 ` Georg Bauhaus
2004-12-28 6:19 ` Microkernels & Ada (Was for the AdaOS folks) Warren W. Gay VE3WWG
2004-12-28 12:02 ` Adrien Plisson
2004-12-28 15:28 ` Warren W. Gay VE3WWG
2004-12-30 1:19 ` For the AdaOS folks Nick Roberts
2004-12-30 13:58 ` Warren W. Gay VE3WWG
2004-12-30 15:27 ` Dmitry A. Kazakov
2004-12-30 16:30 ` Warren W. Gay VE3WWG
[not found] ` <otb8t09dkjh54e1k5s5ccn23ggkqk6ndui@4ax.com>
2004-12-30 19:06 ` OT: Mach Ports (For the AdaOS folks) Warren W. Gay VE3WWG
2004-12-31 10:03 ` For the AdaOS folks Dmitry A. Kazakov
2004-12-31 11:30 ` Warren W. Gay VE3WWG
2004-12-31 12:31 ` Dmitry A. Kazakov
2004-12-31 16:24 ` Warren W. Gay VE3WWG
2004-12-31 17:57 ` Marven Lee
2004-12-31 18:40 ` Warren W. Gay VE3WWG
2004-12-31 19:22 ` Warren W. Gay VE3WWG
2005-01-02 15:09 ` Marven Lee
2005-01-02 20:06 ` Luke A. Guest
2005-01-03 3:13 ` Warren W. Gay VE3WWG
2005-01-03 6:40 ` Luke A. Guest
2005-01-03 10:30 ` Marven Lee
2005-01-03 15:52 ` Warren W. Gay VE3WWG
2005-01-03 16:48 ` Ad Buijsen
2005-01-03 18:49 ` Warren W. Gay VE3WWG
2005-01-03 13:43 ` Marven Lee
2005-01-04 23:36 ` Nick Roberts
2005-01-03 16:22 ` Warren W. Gay VE3WWG
2005-01-04 23:16 ` Nick Roberts
2005-01-05 3:48 ` Warren W. Gay VE3WWG
2005-01-05 13:14 ` Nick Roberts
2005-01-01 12:53 ` Dmitry A. Kazakov
2005-01-02 0:31 ` Warren W. Gay VE3WWG
2005-01-02 11:50 ` Dmitry A. Kazakov
2005-01-02 22:04 ` Warren W. Gay VE3WWG
2005-01-03 10:30 ` Dmitry A. Kazakov
2005-01-03 16:36 ` Warren W. Gay VE3WWG
2005-01-03 17:05 ` Dmitry A. Kazakov
2005-01-03 19:01 ` Warren W. Gay VE3WWG
2005-01-03 19:55 ` Dmitry A. Kazakov
2005-01-03 20:44 ` Warren W. Gay VE3WWG
2005-01-04 0:02 ` Randy Brukardt
2005-01-04 17:44 ` Warren W. Gay VE3WWG
2005-01-04 20:14 ` Nick Roberts
2005-01-04 9:59 ` Dmitry A. Kazakov [this message]
2005-01-04 18:00 ` Warren W. Gay VE3WWG
2005-01-04 19:07 ` Dmitry A. Kazakov
2005-01-04 19:57 ` Warren W. Gay VE3WWG
2005-01-05 0:02 ` Nick Roberts
2005-01-05 4:37 ` Warren W. Gay VE3WWG
2005-01-05 18:54 ` Nick Roberts
2005-01-05 20:04 ` Warren W. Gay VE3WWG
2005-01-06 0:32 ` Nick Roberts
2005-01-06 1:29 ` Wes Groleau
2005-01-06 11:03 ` Dmitry A. Kazakov
2005-01-05 9:39 ` Dmitry A. Kazakov
2005-01-05 11:20 ` Warren W. Gay VE3WWG
2005-01-05 12:18 ` Dmitry A. Kazakov
2005-01-05 14:39 ` Warren W. Gay VE3WWG
2005-01-05 17:16 ` zest_fien
2005-01-05 19:44 ` Larry Kilgallen
2005-01-04 20:09 ` Nick Roberts
2005-01-05 10:19 ` Dmitry A. Kazakov
2005-01-05 18:33 ` Nick Roberts
2005-01-05 20:15 ` Dmitry A. Kazakov
2004-12-31 18:47 ` Nick Roberts
2004-12-31 20:36 ` Warren W. Gay VE3WWG
2005-01-04 18:22 ` Nick Roberts
2005-01-05 5:12 ` Warren W. Gay VE3WWG
2005-01-05 18:02 ` Nick Roberts
2005-01-05 19:55 ` Warren W. Gay VE3WWG
2005-01-06 0:57 ` Nick Roberts
2005-01-06 2:34 ` Warren W. Gay VE3WWG
-- strict thread matches above, loose matches on Subject: below --
2005-01-05 12:14 Mike Brenner
2005-01-05 18:04 ` Warren W. Gay VE3WWG
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox