From: "Devon H. O'Dell" <devon.odell@gmail.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] security questions
Date: Thu, 16 Apr 2009 22:19:21 -0400 [thread overview]
Message-ID: <9ab217670904161919na069ecy3fcc06d412307a40@mail.gmail.com> (raw)
In-Reply-To: <20090417020731.A822E5B1B@mail.bitblocks.com>
2009/4/16 Bakul Shah <bakul+plan9@bitblocks.com>:
> On Thu, 16 Apr 2009 21:25:06 EDT "Devon H. O'Dell" <devon.odell@gmail.com> wrote:
>> That said, I don't disagree. Perhaps Plan 9's environment hasn't been
>> assumed to contain malicious users. Which brings up the question: Can
>> Plan 9 be safely run in a potentially malicious environment? Based on
>> this argument, no, it cannot. Since I want to run Plan 9 in this sort
>> of environment (and thus move away from that assumption), I want to
>> address these problems, and I kind of feel like it's weird to be
>> essentially told, ``Don't do that.''
>
> Why not give each user a virtual plan9? Not like vmware/qemu
> but more like FreeBSD's jail(8), "done more elegantly"[TM]!
> To deal with potentially malicious users you can virtualize
> resources, backed by limited/configurable real resources.
I saw a talk about Mult at DCBSDCon. I think it's a much better idea
than FreeBSD jail(8), and its security is provable.
See also: http://mult.bsd.lv/
I do like this idea.
> The other thought that comes to mind is to consider something
> like class based queuing (from the networking world). That
> is, allow choice of different allocation/scheduling/resource
> use policies and allow further subdivision. Then you can give
> preferential treatment to known good guys. Other users can
> still experiment to their heart's content within the
> resources allowed them.
>
> My point being think of a consistent high level model that
> you like and then worry about implementation details.
That's also another interesting idea I hadn't considered.
Anybody else with thoughts on these?
--dho
next prev parent reply other threads:[~2009-04-17 2:19 UTC|newest]
Thread overview: 94+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-04-16 17:47 Devon H. O'Dell
2009-04-16 18:30 ` erik quanstrom
2009-04-16 19:14 ` Venkatesh Srinivas
2009-04-16 20:10 ` Devon H. O'Dell
2009-04-16 20:19 ` Devon H. O'Dell
2009-04-17 4:48 ` lucio
2009-04-17 5:03 ` Eris Discordia
2009-04-17 9:47 ` lucio
2009-04-17 10:24 ` Eris Discordia
2009-04-17 11:55 ` lucio
2009-04-17 13:08 ` Eris Discordia
2009-04-17 14:15 ` gdiaz
2009-04-17 16:39 ` lucio
[not found] ` <6FD675BC714D323BF959A53B@192.168.1.2>
2009-04-17 16:15 ` Robert Raschke
2009-04-17 20:12 ` John Barham
2009-04-17 21:40 ` blstuart
2009-04-17 16:32 ` [9fans] VMs, etc. (was: Re: security questions) blstuart
2009-04-17 17:11 ` tlaronde
2009-04-17 17:29 ` erik quanstrom
2009-04-17 18:18 ` tlaronde
2009-04-17 19:00 ` erik quanstrom
2009-04-17 18:50 ` blstuart
2009-04-17 18:31 ` blstuart
2009-04-17 18:45 ` erik quanstrom
2009-04-17 18:59 ` blstuart
2009-04-17 19:05 ` erik quanstrom
2009-04-17 20:21 ` blstuart
2009-04-18 14:54 ` erik quanstrom
2009-04-18 16:06 ` Mechiel Lukkien
2009-04-19 20:52 ` blstuart
2009-04-20 17:30 ` [9fans] VMs, etc maht
2009-04-20 17:44 ` erik quanstrom
2009-04-20 17:47 ` Devon H. O'Dell
2009-04-20 17:49 ` maht
2009-04-17 19:39 ` [9fans] VMs, etc. (was: Re: security questions) tlaronde
2009-04-17 21:25 ` blstuart
2009-04-17 21:59 ` tlaronde
2009-04-17 23:41 ` Mechiel Lukkien
2009-04-17 18:59 ` Eris Discordia
2009-04-17 21:38 ` blstuart
[not found] ` <1322FA0842063D3D53C712DC@192.168.1.2>
2009-04-17 20:07 ` J.R. Mauro
2009-04-17 19:02 ` lucio
2009-04-17 21:01 ` blstuart
2009-04-18 5:25 ` lucio
2009-04-19 20:19 ` blstuart
2009-04-17 19:16 ` [9fans] Plan9 - the next 20 years Steve Simon
2009-04-17 19:39 ` J.R. Mauro
2009-04-17 19:43 ` tlaronde
2009-04-17 19:56 ` J.R. Mauro
2009-04-17 20:14 ` Eric Van Hensbergen
2009-04-17 20:18 ` Benjamin Huntsman
2009-04-18 4:26 ` erik quanstrom
2009-04-17 20:29 ` J.R. Mauro
2009-04-18 3:56 ` erik quanstrom
2009-04-18 4:12 ` J.R. Mauro
2009-04-18 4:16 ` erik quanstrom
2009-04-18 5:51 ` J.R. Mauro
2009-04-18 12:52 ` Steve Simon
2009-04-17 20:20 ` John Barham
2009-04-16 20:51 ` [9fans] security questions erik quanstrom
2009-04-16 21:49 ` Devon H. O'Dell
2009-04-16 22:19 ` erik quanstrom
2009-04-16 23:36 ` Devon H. O'Dell
2009-04-17 0:00 ` erik quanstrom
2009-04-17 1:25 ` Devon H. O'Dell
2009-04-17 1:54 ` erik quanstrom
2009-04-17 2:17 ` Devon H. O'Dell
2009-04-17 2:23 ` erik quanstrom
2009-04-17 2:33 ` Devon H. O'Dell
2009-04-17 2:43 ` J.R. Mauro
2009-04-17 5:48 ` john
2009-04-17 5:52 ` Bruce Ellis
2009-04-17 5:52 ` andrey mirtchovski
2009-04-17 5:57 ` Bruce Ellis
2009-04-17 9:26 ` Charles Forsyth
2009-04-17 10:29 ` Steve Simon
2009-04-17 11:04 ` Mechiel Lukkien
2009-04-17 11:36 ` lucio
2009-04-17 11:40 ` lucio
2009-04-17 11:51 ` erik quanstrom
2009-04-17 12:06 ` erik quanstrom
2009-04-17 13:52 ` Steve Simon
2009-04-17 1:59 ` Russ Cox
2009-04-17 12:07 ` maht
2009-04-17 2:07 ` Bakul Shah
2009-04-17 2:19 ` Devon H. O'Dell [this message]
2009-04-17 6:33 ` Bakul Shah
2009-04-17 9:51 ` lucio
2009-04-17 11:34 ` erik quanstrom
2009-04-17 12:14 ` Devon H. O'Dell
2009-04-17 18:29 ` Bakul Shah
2009-04-17 11:59 ` Devon H. O'Dell
2009-04-17 5:06 ` Eris Discordia
2009-04-17 8:36 ` Richard Miller
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=9ab217670904161919na069ecy3fcc06d412307a40@mail.gmail.com \
--to=devon.odell@gmail.com \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).