[FoRK] kragen rides again-

Tony Finch < dot at dotat.at > on > Wed Oct 11 18:09:25 PDT 2006

On Wed, 11 Oct 2006, Luis Villa wrote:
> On 10/11/06, Kragen Javier Sitaker <kragen at pobox.com> wrote:
> >
> > How are we going to solve this problem?  GNOME is going in the
> > opposite of the right direction.  Mono is implementing Microsoft's
> > security model, which is useless for P2P computation.  The
> > capabilities guys are becoming gradually more academic.  What are we
> > going to do?
>
> I think someone has to go spec it and write it; that's the only way to
> get real traction. I really haven't given much thought to the security
> model, honestly. What is the problem with the mono security model in a
> p2p context? [Perhaps a better question for where I'm at: what does
> the language's security model have to do with the app's security
> model, given that it will almost certainly have to create a p2p auth
> system which doesn't really exist yet?]

E sounds like it would be good in this area. <http://www.erights.org/>
It's a distributed object-capability language designed to support
programming with fine-grained distrust and fine-grained message-passing
parallelism.

The problem at the moment is that privilege on most computers is
all-or-nothing. If a computer is only used by one user, then if you
compromise that account you effectively control the computer. We need to
get away from the time-sharing multi-user model, where users are protected
from each other, and move towards a model where applications are the unit
of protection. Then it becomes easier to run untrusted code with limited
privileges, without depending on a language runtime to protect you.

Tony.
-- 
f.a.n.finch  <dot at dotat.at>  http://dotat.at/
FORTIES CROMARTY FORTH: SOUTHERLY 6 TO GALE 8, DECREASING 5 OR 6 LATER. RAIN
OR SHOWERS. MODERATE OR GOOD.

More information about the FoRK mailing list