Re: [9fans] security - erik quanstrom

9fans - fans of the OS Plan 9 from Bell Labs
 help / color / mirror / Atom feed

From: erik quanstrom <quanstro@quanstro.net>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] security
Date: Sun, 28 Oct 2007 12:10:59 -0400	[thread overview]
Message-ID: <b2a3ecd7fd90806b69aff4efb0103627@quanstro.net> (raw)
In-Reply-To: <4724B007.6090908@gmail.com>

>> in that case, one should build a sandbox, climb into it and import the
>> fs.  the potential damage is contained.  maybe 9fs should have an
>> option to do that.
>> 
> 
> What if the trojan broke out of that sandbox? Or knows how to
> import other parts of the namespace into its process? Namespaces
> on Plan 9 are nice, but they absolutely do not constitute a safe
> sandbox. Boo easy answers.

deadhorse.

i'll risk repeating skip because you seem to have missed his point.

	sharing REQUIRES trust!

if you use plan 9, linux, windows, osx, vms or whatever you
trust that the authors haven't trojaned the os.  if you use a 
pc, a mac, a vax 11/780, an ipaq or whatever, you trust that
the hardware guys don't have something in there working
against your interest.  (if you've seen what intel's put in their
"desktop" proe/1000 chips lately, ironicly in the name of
security, you'd have an inkling of how this might happen.)
you trust your network provider not to send 20KV down the
wire, etc.

i don't think anyone here advocates sharing needles.
on the other hand, wearing a full-body condom to sleep
by oneself is a bit silly.

but suppose you do.  then watch out for the junkies.  they might just
poke you in the butt right through that full-body condom.

- erik

next prev parent reply	other threads:[~2007-10-28 16:10 UTC|newest]

Thread overview: 50+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2007-10-26 22:38 [9fans] grap retarded?? Pietro Gagliardi
2007-10-26 23:17 ` geoff
2007-10-26 23:22   ` Pietro Gagliardi
2007-10-27  2:51   ` [9fans] detecting spam arisawa
2007-10-27  3:16     ` Pietro Gagliardi
2007-10-27  4:38       ` [9fans] security erik quanstrom
2007-10-27  9:03         ` roger peppe
2007-10-27 10:04           ` arisawa
2007-10-27 12:48             ` Uriel
2007-10-27 14:54           ` erik quanstrom
2007-10-27 17:19         ` Tim Newsham
2007-10-27 19:18           ` erik quanstrom
2007-10-27 22:20             ` don bailey
2007-10-27 22:25               ` Pietro Gagliardi
2007-10-27 22:33                 ` don bailey
2007-10-28  0:17                 ` David Leimbach
2007-10-28  6:00                   ` Skip Tavakkolian
2007-10-28  6:06                     ` john
2007-10-28  8:32                     ` Joel C. Salomon
2007-10-28 20:53               ` Charles Forsyth
2007-10-27 23:40             ` Skip Tavakkolian
2007-10-28  6:11               ` don bailey
2007-10-28  6:30                 ` Skip Tavakkolian
2007-10-28  6:42                   ` don bailey
2007-10-28  7:28                     ` Skip Tavakkolian
2007-10-28 12:53                       ` Pietro Gagliardi
2007-10-28 15:52                         ` don bailey
2007-10-28 15:51                       ` don bailey
2007-10-28 15:59                         ` Iruata Souza
2007-10-28 16:30                           ` don bailey
2007-10-28 17:14                             ` Iruata Souza
2007-10-28 17:22                             ` Gabriel Diaz
2007-10-28 17:44                               ` Pietro Gagliardi
2007-10-28 20:37                           ` Charles Forsyth
2007-10-28 16:10                         ` erik quanstrom [this message]
2007-10-28 16:26                           ` don bailey
2007-10-28 18:30                         ` Skip Tavakkolian
2007-10-28 18:43                           ` Uriel
2007-10-28 18:58                             ` Iruata Souza
2007-10-28 22:48                             ` arisawa
2007-10-28 23:29                               ` Pietro Gagliardi
2007-10-29  2:30                               ` Skip Tavakkolian
2007-10-27  9:00       ` [9fans] detecting spam roger peppe
2007-10-27 13:16         ` Pietro Gagliardi
2007-10-27 13:41           ` erik quanstrom
2007-10-27 13:43             ` Pietro Gagliardi
2007-10-27 14:04           ` Martin Neubauer
2007-10-29 10:10 ` [9fans] grap retarded?? Douglas A. Gwyn
2007-10-29 18:43   ` Pietro Gagliardi
2007-10-29 10:10 ` Douglas A. Gwyn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=b2a3ecd7fd90806b69aff4efb0103627@quanstro.net \
    --to=quanstro@quanstro.net \
    --cc=9fans@cse.psu.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).