On Fri, Aug 23, 2019 at 12:47 PM Ethan Gardener wrote:

> On Tue, Aug 20, 2019, at 2:29 PM, Don A. Bailey wrote:
> >
> > Fwiw Plan 9’s code base has indeed been audited. By me. Several exploitable bugs were found including a kernel exploit due to the env driver. I wrote a working PoC for it which is somewhere on the internet, but it’s quite old.
>
> My apologies!

No apologies necessary, you didn't know.

> > Much of the code hasn’t changed, and, I would suspect, is largely secure.
>
> Good to know. :)
>
> I wonder how many relevant parts have changed in 9front? There are regular kernel changes, some of which were made to handle the heavy shell-script load of running werc sites. (For a short time, the load on cat-v.org was very heavy.)

A delta audit would be useful and might be fun. I don't think I have the time, currently, but I wouldn't mind getting back into it.

> > But you’re talking implementation security versus architectural security. In the case of IoT, Plan 9 does exceptional things to close the gaps that embedded systems supply its users, but it is nowhere near complete.
>
> I guess I am, and yes, Plan 9 is sadly incomplete in many areas.

I don't think it's sadly incomplete. Plan 9 is awesome. However, it isn't really Plan 9's job to address silicon security and hardware trust. Some integrations could be made into the kernel authentication stack and the Secure Store et al., but that is a gap easily closed. The hard part is choosing cost-effective hardware that does the job. The Linux BIOS team (Ron and Pals) have done a great job of getting closer to The Source, but that isn't really something an OS should address. That's more of a firmware/BIOS/CPU thing.