From: "Warren W. Gay VE3WWG" <ve3wwg@NoSPAM.cogeco.ca>
Subject: Re: For the AdaOS folks
Date: Tue, 04 Jan 2005 13:00:04 -0500
Date: 2005-01-04T13:00:04-05:00 [thread overview]
Message-ID: <zPACd.24026$P%3.1139129@news20.bellglobal.com> (raw)
In-Reply-To: <24hf82mgtexu$.c07xlxejxm1c$.dlg@40tude.net>
Dmitry A. Kazakov wrote:
> On Mon, 03 Jan 2005 15:44:17 -0500, Warren W. Gay VE3WWG wrote:
>>Dmitry A. Kazakov wrote:
>>
>>>But in our hypothetical OS each possible way of access will be represented
>>>by some safe system object. These objects, when properly designed will
>>>provide necessary administrative services.
>>
>>If you are a night watchman for a Mall, which situation makes it
>>easier to sleep at night when you've locked up and gone home?
>>
>> 1. A mall with one or two doors on the outside to be
>> locked and checked.
>> 2. A mall with thousands of doors on the outside to be
>> locked and checked.
>>
>>The answer is obvious. Sure, it is ok for other doors to exist
>>inside the mall (for each store), which can be locked, but it
>>only makes sense to choke the security at a minimal number
>>of points.
>
> But you can approach the problem in other ways. You could change people to
> make impossible for somebody to steal. You could make objects unusable when
> stolen etc.
How much chance do you think that this has of working with PCs,
laptops, servers etc. that might run an new O/S? You're not
a practical man.
>>>Do you have one "gate" for hard drive I/O?
>>
>>Yes, actually. The kernel controls the issuing of the IDE
>>commands, so that no process can permanently destroy the
>>IDE drive (which can be done, if certain commands are issued).
>>Not to mention that partition scope(s) must be enforced.
>
> It is no different from handling TCP/IP sockets. So the problem lies
> elsewhere above. Anybody may try to open a file.
I'm just going to bite my lip on this one.
>>File systems mitigate access to the thousands of objects
>>that exist within the file system. In a hierarchical system
>>of directories, you have upper levels of choke points (in
>>parent directories), as well as the ability to control
>>access on the object itself.
>
> Yes, that is the point. Files are primitive, but objects. It is much easier
> to enforce security in a hierarchical system than in a flat sea of
> unstructured data.
But a firewall prevents you from accessing any of my files at home ;-)
and my files at work.
Sure, there is also an account+password, more networking, and
more controls behind it. But the one I really count on Dmitry, is
that firewall.
>>>Do you need a firewall to tunnel open/close/read/write to floppy
>>>drives? It would be nonsense.
>>
>>Maybe its not your floppy. Maybe it belongs to
>>another user (perhaps a student/coworker/spouse).
>
> But how a tunnel might help with that? It does not know who is the owner.
Not a problem. I can determine who accesses the floppy
when it is mounted (look up the mount command).
>>>The problem is that network protocols do not
>>>have safety of a file system.
>>
>>A file system is confined.
>
> Come on, there were multi-user OSes before Windows. Even UNIX pretended to
> be one.
So? Who gets an account? (approved folk).
Who is on the internet? (everyone, including hackers, nobody excluded)
There is a difference, and there are other differences also.
>>Not at all. While it is not the entire answer to network
>>security, you court disaster without one. You will not find
>>one network security expert to suggest what you are promoting.
>
> Sure, why should they kill a hen carrying the gold eggs? (:-))
It sounds like the golden egg is on your system(s) - especially
if you don't believe in firewalls ;-)
> Did you ever
> hear from any company selling anti-virus software that the only problem
> with viruses is OS?
I'm not going to bite. I'll just bite my lip instead ;-)
--
Warren W. Gay VE3WWG
http://home.cogeco.ca/~ve3wwg
next prev parent reply other threads:[~2005-01-04 18:00 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-12-27 5:09 For the AdaOS folks Wes Groleau
2004-12-27 10:56 ` Florian Weimer
2004-12-27 12:50 ` Georg Bauhaus
2004-12-27 13:12 ` Florian Weimer
2004-12-28 1:18 ` Wes Groleau
2004-12-27 13:46 ` Adrien Plisson
2004-12-27 16:28 ` Georg Bauhaus
2004-12-28 6:19 ` Microkernels & Ada (Was for the AdaOS folks) Warren W. Gay VE3WWG
2004-12-28 12:02 ` Adrien Plisson
2004-12-28 15:28 ` Warren W. Gay VE3WWG
2004-12-30 1:19 ` For the AdaOS folks Nick Roberts
2004-12-30 13:58 ` Warren W. Gay VE3WWG
2004-12-30 15:27 ` Dmitry A. Kazakov
2004-12-30 16:30 ` Warren W. Gay VE3WWG
[not found] ` <otb8t09dkjh54e1k5s5ccn23ggkqk6ndui@4ax.com>
2004-12-30 19:06 ` OT: Mach Ports (For the AdaOS folks) Warren W. Gay VE3WWG
2004-12-31 10:03 ` For the AdaOS folks Dmitry A. Kazakov
2004-12-31 11:30 ` Warren W. Gay VE3WWG
2004-12-31 12:31 ` Dmitry A. Kazakov
2004-12-31 16:24 ` Warren W. Gay VE3WWG
2004-12-31 17:57 ` Marven Lee
2004-12-31 18:40 ` Warren W. Gay VE3WWG
2004-12-31 19:22 ` Warren W. Gay VE3WWG
2005-01-02 15:09 ` Marven Lee
2005-01-02 20:06 ` Luke A. Guest
2005-01-03 3:13 ` Warren W. Gay VE3WWG
2005-01-03 6:40 ` Luke A. Guest
2005-01-03 10:30 ` Marven Lee
2005-01-03 15:52 ` Warren W. Gay VE3WWG
2005-01-03 16:48 ` Ad Buijsen
2005-01-03 18:49 ` Warren W. Gay VE3WWG
2005-01-03 13:43 ` Marven Lee
2005-01-04 23:36 ` Nick Roberts
2005-01-03 16:22 ` Warren W. Gay VE3WWG
2005-01-04 23:16 ` Nick Roberts
2005-01-05 3:48 ` Warren W. Gay VE3WWG
2005-01-05 13:14 ` Nick Roberts
2005-01-01 12:53 ` Dmitry A. Kazakov
2005-01-02 0:31 ` Warren W. Gay VE3WWG
2005-01-02 11:50 ` Dmitry A. Kazakov
2005-01-02 22:04 ` Warren W. Gay VE3WWG
2005-01-03 10:30 ` Dmitry A. Kazakov
2005-01-03 16:36 ` Warren W. Gay VE3WWG
2005-01-03 17:05 ` Dmitry A. Kazakov
2005-01-03 19:01 ` Warren W. Gay VE3WWG
2005-01-03 19:55 ` Dmitry A. Kazakov
2005-01-03 20:44 ` Warren W. Gay VE3WWG
2005-01-04 0:02 ` Randy Brukardt
2005-01-04 17:44 ` Warren W. Gay VE3WWG
2005-01-04 20:14 ` Nick Roberts
2005-01-04 9:59 ` Dmitry A. Kazakov
2005-01-04 18:00 ` Warren W. Gay VE3WWG [this message]
2005-01-04 19:07 ` Dmitry A. Kazakov
2005-01-04 19:57 ` Warren W. Gay VE3WWG
2005-01-05 0:02 ` Nick Roberts
2005-01-05 4:37 ` Warren W. Gay VE3WWG
2005-01-05 18:54 ` Nick Roberts
2005-01-05 20:04 ` Warren W. Gay VE3WWG
2005-01-06 0:32 ` Nick Roberts
2005-01-06 1:29 ` Wes Groleau
2005-01-06 11:03 ` Dmitry A. Kazakov
2005-01-05 9:39 ` Dmitry A. Kazakov
2005-01-05 11:20 ` Warren W. Gay VE3WWG
2005-01-05 12:18 ` Dmitry A. Kazakov
2005-01-05 14:39 ` Warren W. Gay VE3WWG
2005-01-05 17:16 ` zest_fien
2005-01-05 19:44 ` Larry Kilgallen
2005-01-04 20:09 ` Nick Roberts
2005-01-05 10:19 ` Dmitry A. Kazakov
2005-01-05 18:33 ` Nick Roberts
2005-01-05 20:15 ` Dmitry A. Kazakov
2004-12-31 18:47 ` Nick Roberts
2004-12-31 20:36 ` Warren W. Gay VE3WWG
2005-01-04 18:22 ` Nick Roberts
2005-01-05 5:12 ` Warren W. Gay VE3WWG
2005-01-05 18:02 ` Nick Roberts
2005-01-05 19:55 ` Warren W. Gay VE3WWG
2005-01-06 0:57 ` Nick Roberts
2005-01-06 2:34 ` Warren W. Gay VE3WWG
-- strict thread matches above, loose matches on Subject: below --
2005-01-05 12:14 Mike Brenner
2005-01-05 18:04 ` Warren W. Gay VE3WWG
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox