[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: On trusting its parent process

From: Marcus Brinkmann
Subject: Re: On trusting its parent process
Date: Wed, 13 Jul 2005 18:40:50 +0200
User-agent: Wanderlust/2.10.1 (Watching The Wheels) SEMI/1.14.6 (Maruoka) FLIM/1.14.6 (Marutamachi) APEL/10.6 Emacs/21.4 (i386-pc-linux-gnu) MULE/5.0 (SAKAKI)

At Wed, 13 Jul 2005 18:17:31 +0200,
address@hidden (Ludovic Courtès) wrote:
> Marcus Brinkmann <address@hidden> writes:
> Only in some cases do processes need to have "absolute authenticity"
> proofs, that is, authenticity wrt. what the machine's administrator
> intends to do.  For instance, `passwd' needs to make sure the data it is
> accessing is the one _it_ created earlier. 

Ah, nice observation.  But even that is relativ of course: What if I
run a sub-hurd under my own user ID: With my own authentication
server, root filesystem etc?  Then of course the enclosed passwd wants
to use the passwd file from _that_ root filesystem...

> (I guess persistence comes
> in handy here because such sensitive programs do not need to expose
> their state publicly and need not rely on an authentic file server.)

Yeah, persistency seems to be help a lot here.

> It looks like I'm just repeating the same things over, but it really
> helps me understand the issue.  ;-)

Nah, we are still fine tuning it :)


reply via email to

[Prev in Thread] Current Thread [Next in Thread]