From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: To: 9fans@cse.psu.edu Subject: Re: [9fans] security From: erik quanstrom Date: Sun, 28 Oct 2007 12:10:59 -0400 In-Reply-To: <4724B007.6090908@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Topicbox-Message-UUID: dce03a1e-ead2-11e9-9d60-3106f5b1d025 >> in that case, one should build a sandbox, climb into it and import the >> fs. the potential damage is contained. maybe 9fs should have an >> option to do that. >> > > What if the trojan broke out of that sandbox? Or knows how to > import other parts of the namespace into its process? Namespaces > on Plan 9 are nice, but they absolutely do not constitute a safe > sandbox. Boo easy answers. deadhorse. i'll risk repeating skip because you seem to have missed his point. sharing REQUIRES trust! if you use plan 9, linux, windows, osx, vms or whatever you trust that the authors haven't trojaned the os. if you use a pc, a mac, a vax 11/780, an ipaq or whatever, you trust that the hardware guys don't have something in there working against your interest. (if you've seen what intel's put in their "desktop" proe/1000 chips lately, ironicly in the name of security, you'd have an inkling of how this might happen.) you trust your network provider not to send 20KV down the wire, etc. i don't think anyone here advocates sharing needles. on the other hand, wearing a full-body condom to sleep by oneself is a bit silly. but suppose you do. then watch out for the junkies. they might just poke you in the butt right through that full-body condom. - erik