From: "I. Levashew" <octagram@bluebottle.com>
Subject: Re: Ada OS
Date: Thu, 27 Dec 2007 02:56:04 +0600
Message-ID: <fkuf2r$suf$1@registered.motzarella.org>
In-Reply-To: <CEHbj.32617$UZ4.10924@edtnps89>
Paul wrote:
> OpenBSD values security, correctness and standardization, all of which I
> see in Ada.
Well, security is currently something fashionable. Nobody wants to be
the one not conscious about security. But Ada isn't being mentioned more
often. I had the impression that it's good show business to be
security-conscious. Cyclone, Fortify Source, Singularity. Cyclone
pretends to fill "an empty niche". Fortify Source makes money on finding
security issues in source code, but without any reference to Ada. And
Singularity pretends to be an "absolutely secure" OS, mostly in modified
.NET with tiny pieces in ... guess what? "verified C++ source code".
Microsoft's .NET implementation had critical vulnerabilities like any
other OS component. How can one believe that "this time they'll make
something real"?
In these circumstances one argument remains unbeaten: programs must not
do bad things not because they were not allowed to do them. Most people
forget one simple thing: virtually no developer ever wrote

    if Shell_Codes.Argument_Is_Shell_Code (Argument) then
       Shell_Codes.Run_Shell_Code (Argument);
    end if;

in their programs. Security measures such as SELinux, chroot,
capabilities, etc. can only be secondary layers of prevention, not the
primary one.
Returning to the original topic, there are many independent decisions to
be made when designing an OS distro. OK, let's write everything we can in
Ada. What's next? Currently there are many identified problems in modern
OSes. One of them is the extremely high complexity of the OS. A good
example is Windows. After using it for a long time you lose control over
it. Different programs can alter some OS files and registry keys. Three
years past installation it can be difficult to remember all the changes
made to the system. The only good way to back up such a system is to dump
the whole system partition. A next-generation OS must be managed in a
functional way. One property of a function is exploited here: it's
deterministic. It must produce the same results wherever and whenever it
is invoked. It must be simple to build any program for any
architecture with any configure options. Building cross-compilers and
managing the compilation process must be done via an underlying
subsystem. Nix package management is far from being perfect. But it is
aimed right. In Nix OS the functional way of doing things is also applied
to system configuration, not just package management. If one could
express the whole system with a set of expressions in a functional
language, it would be easy to back up the whole system, manage multiple
identical (or not so identical) workstations and servers and add new
ones. Ideally, without long hours of installation process. Thousands of
files present in modern OSes would be just a cache of functional
expression computation results. And provided that functions are really
deterministic, one can allow workstations to exchange their cached
expressions.
SELinux is about managing rights in a functional way.
As you can see, both Nix and SELinux have nothing to do with Ada. These
are independent design choices. And there are many other independent
design decisions to be made. Fortunately, there was enough time to
identify common problems.
IIUC, Nix and SELinux are not currently integrated. I think their
combination can be good step towards next-generation OS. Like SEBSD,
SEDarwin are SELinux way of managing rights applied to BSD and Darwin,
let's call it Senix. Sounds good, no?
God is in the details. Each detail matters. That's why a next-generation
OS must be written in Ada, but it's neither the least nor the most
meaningful detail.
IMHO.
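As an added illustration of the deterministic, content-addressed store the post describes (example code written for this page, not part of the post and not Nix's own implementation): a derivation is a pure expression, its store path is a hash of that expression, and a second workstation can reuse the first one's cached result without rebuilding. The names `derivation`, `store_path` and `Store` are made up for this toy model; the inputs and builder are constructed sample data.

```python
import hashlib
import json

# Constructed toy model of the "functional" OS store described in the post:
# a derivation is a pure expression (builder + inputs + args), its store path
# is a hash of that expression, and built files are merely cached results.
# Names here (Store, derivation, realise) are made up for this example.

def derivation(name, builder, inputs, args):
    """A pure description of how to build `name`; input order is irrelevant."""
    return {"name": name, "builder": builder, "inputs": sorted(inputs), "args": args}

def store_path(drv):
    """Content-address the expression: equal expressions hash equally on every host."""
    canonical = json.dumps(drv, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(canonical).hexdigest()[:16] + "-" + drv["name"]

class Store:
    """One host's cache of evaluated expressions: store path -> build output."""
    def __init__(self):
        self.cache = {}
        self.builds = 0   # how many real builds this host had to run

    def realise(self, drv, builders):
        """Return the store path, building only if the result is not cached."""
        path = store_path(drv)
        if path not in self.cache:
            self.builds += 1
            self.cache[path] = builders[drv["builder"]](drv)
        return path

    def import_from(self, peer, drv):
        """Take a peer's cached result, but only under the path this host computes
        for the same expression (real Nix additionally signs such substitutes)."""
        path = store_path(drv)
        if path in peer.cache:
            self.cache[path] = peer.cache[path]
            return True
        return False

def demo():
    builders = {"gcc": lambda d: f"{d['name']} built with {d['args']['flags']}"}
    drv_a = derivation("hello", "gcc", ["glibc", "hello-src"], {"flags": "-O2"})
    drv_b = derivation("hello", "gcc", ["hello-src", "glibc"], {"flags": "-O2"})  # same expression
    drv_c = derivation("hello", "gcc", ["hello-src", "glibc"], {"flags": "-O3"})  # different one
    ws1, ws2 = Store(), Store()
    p_a = ws1.realise(drv_a, builders)
    ws2.import_from(ws1, drv_b)            # second workstation reuses ws1's result
    p_b = ws2.realise(drv_b, builders)     # cache hit: no rebuild on ws2
    p_c = ws2.realise(drv_c, builders)     # changed flags: new path, real build
    return p_a == p_b, ws2.builds, p_b != p_c

if __name__ == "__main__":
    print(demo())   # (True, 1, True)
```

Because the path is computed locally from the expression, a peer cannot slip a result in under some other package's path; what the model does not cover is trusting the peer's build itself, which is why real binary caches are signed.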