From: Christopher Browne <cbbrowne@acm.org>
Subject: Re: if file exist
Date: 29 Sep 2002 05:13:04 GMT
Date: 2002-09-29T05:13:04+00:00 [thread overview]
Message-ID: <an6250$b9hg1$1@ID-125932.news.dfncis.de> (raw)
In-Reply-To: yecheg9762r.fsf@king.cts.com
In the last exciting episode, Keith Thompson <kst@cts.com> wrote::
> "Marin David Condic" <mcondic.auntie.spam@acm.org> writes:
>> Q: Are you a spy?
>>
>> A: I'm not allowed to say...
>>
>> Maybe its better to think about it from the OS level - provide something in
>> an OS interface package that says "We'll return whatever information the OS
>> will give us about the file and it is OS dependent as to what the result
>> is..." That way whatever security the OS wants to provide is respected.
>
> I don't think we are (or should be) debating whether to respect the
> security provided by the OS. Violating OS security isn't just a bad
> idea, it's just plain impossible (barring OS bugs, of course).
FYI, here are two /highly/ relevant links to documents concerning
a Multics security evaluation done back in 1974.
http://csrc.nist.gov/publications/history/karg74.pdf
http://domino.watson.ibm.com/library/cyberdig.nsf/papers?SearchView&Query=(multics)
Part of the conclusion was that Multics /wasn't/ acceptably secure,
back then, and that some modifications to the security design would be
required to make it /really/ secure. The OSes of today have downright
moved backwards from that.
Another part of the conclusion was that part of the security Multics
/did/ have came from the string support in PL/1. The buffer overruns
that C is famed for wouldn't happen in PL/1, and more than likely
aren't Ada things either...
Some interesting principles pop out, in any case...
--
(concatenate 'string "cbbrowne" "@ntlug.org")
http://cbbrowne.com/info/multics.html
I've had a perfectly wonderful evening. But this wasn't it.
-- Groucho Marx
next prev parent reply other threads:[~2002-09-29 5:13 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <mailman.1032687678.1150.comp.lang.ada@ada.eu.org>
2002-09-22 9:58 ` if file exist Preben Randhol
2002-09-22 19:25 ` Keith Thompson
2002-09-22 11:26 ` Dale Stanbrough
2002-09-22 14:45 ` Simon Wright
2002-09-22 17:24 ` Frank J. Lhota
2002-09-22 19:24 ` Keith Thompson
2002-09-22 22:20 ` Dale Stanbrough
2002-09-23 5:14 ` Simon Wright
2002-09-23 12:38 ` Larry Kilgallen
2002-09-26 0:39 ` Nick Roberts
2002-09-26 16:48 ` Warren W. Gay VE3WWG
2002-09-26 22:14 ` Robert A Duff
2002-09-27 10:47 ` steve_H
2002-09-27 14:01 ` Robert A Duff
2002-09-27 18:43 ` Randy Brukardt
2002-09-28 1:17 ` Keith Thompson
2002-09-28 13:04 ` Marin David Condic
2002-09-29 4:50 ` Keith Thompson
2002-09-29 5:13 ` Christopher Browne [this message]
2002-09-27 21:59 ` Mark Biggar
2002-09-27 23:09 ` Larry Kilgallen
2002-10-04 20:56 ` Stefan Skoglund
2002-10-05 13:59 ` Robert A Duff
2002-10-06 20:35 ` Keith Thompson
2002-10-07 0:34 ` Robert A Duff
2002-10-07 5:42 ` David Thompson
2002-10-13 17:05 ` Larry Kilgallen
2002-10-21 2:17 ` David Thompson
2002-09-22 11:55 ` Per Sandbergs
2002-09-22 22:29 ` SteveD
2002-09-23 1:53 ` if_file_exist : it's working thankyou all! Dominic D'Apice
2002-09-23 5:25 ` Simon Wright
2002-09-23 23:59 ` Dominic D'Apice
2002-09-25 19:13 ` Simon Wright
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox