Re: [9fans] Plan 9 security

[Don Bailey <don.bailey@gmail.com>]

[-- Attachment #1: Type: text/plain, Size: 1805 bytes --]

On Fri, Aug 23, 2019 at 12:47 PM Ethan Gardener <eekee57@fastmail.fm> wrote:

> On Tue, Aug 20, 2019, at 2:29 PM, Don A. Bailey wrote:
> >
> > Fwiw Plan 9’s code vase has indeed been audited. By me. Several
> exploitable bugs were found including a kernel exploit due to the env
> driver. I wrote a working PoC for it which is somewhere on the internet,
> but it’s quite old.
>
> My apologies!
>

No apologies necessary, you didn't know.


>
> > Much of the code hasn’t changed, and, I would suspect, is largely secure.
>
> Good to know. :)
>
> I wonder how many relevant parts have changed in 9front?  There are
> regular kernel changes, some of which were made to handle the heavy
> shell-script load of running werc sites.  (For a short time, the load on
> cat-v.org was very heavy.)
>
>
A delta audit would be useful and might be fun. I don't think I have the
time, currently, but I wouldn't mind to get back into it.


> > But you’re talking implementation security versus architectural
> security. In the case of IoT, Plan 9 does exceptional things to close the
> gaps that embedded systems supply its users, but it is nowhere near
> complete.
>
> I guess I am, and yes, Plan 9 is sadly incomplete in many areas.
>

I don't think it's sadly incomplete. Plan 9 is awesome. However, it isn't
really Plan 9's job to address silicon security and hardware trust. Some
integrations could be made into the kernel authentication stack and the
Secure Store et. al., but that is a gap easily closed. The hard part is
choosing cost effective hardware that does the job. The Linux BIOS team
(Ron and Pals) have done a great job of getting closer to The Source, but
that isn't really something an OS should address. That's more of a
firmware/BIOS/CPU thing.

[-- Attachment #2: Type: text/html, Size: 2618 bytes --]