From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-0.1 required=5.0 tests=DKIM_SIGNED,DKIM_VALID,
	DKIM_VALID_AU,FREEMAIL_FROM autolearn=ham autolearn_force=no
	version=3.4.4
Received: (qmail 5952 invoked from network); 22 Jan 2021 15:28:39 -0000
Received: from 1ess.inri.net (216.126.196.35)
  by inbox.vuxu.org with ESMTPUTF8; 22 Jan 2021 15:28:39 -0000
Received: from mail-ed1-f51.google.com ([209.85.208.51]) by 1ess; Fri Jan 22 10:01:44 -0500 2021
Received: by mail-ed1-f51.google.com with SMTP id j13so6913454edp.2
        for <9front@9front.org>; Fri, 22 Jan 2021 07:01:35 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to;
        bh=3uBFwgQnvRNrDOivkcoIMEWXqfLtt7vsnF+du0AaPNw=;
        b=cqjvfupUR/VMU9TTWy03VEVR0JT4Qk+dkYlxinD87C3RhN99n1JimMPJ0W0EERjeAr
         5pIb2kiDh7BKfF+0nbc3ZRUgvx3uwg8GbkBupBn8AOqrTnQZUkaBQseggja2H0eSCMyl
         mkGnIIuC47s0ei4GFamUsSzadku6ETghxugOR9V63bU8sNub0Q/ePwMa5Gb5XbKE5mdp
         wg06eB3XvQs9bO6OTN/qbJUTy5MiLDyQnFgswMx3dgj/QxEERQBPtEuc48CXr/N62nnB
         VpWinooOFhPvdxQFrpanoqhbigNurg47e4KGBCa1HWp8BHWSdUSD+JllzYCTD/GxQpjz
         0yXg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to;
        bh=3uBFwgQnvRNrDOivkcoIMEWXqfLtt7vsnF+du0AaPNw=;
        b=FfxaSKVY7+9JC89HENsl3rpHZtedXSc3nil92gWmMWeKWlYFVSfSw0aUPUHPS4MFls
         9wxRPJGo8A6n0GQHM5RZT3y7UPFIUfC/gdkOMMVGlj2L0l22WBYIqgek0XWtqfYL6Cxr
         x84tePJhp++mk0nP+73n1icMOSQejq4bSTkcxvHlwYKv012gJmsYfyeTR30MiS9utbdc
         SnQEG6BKm3ZMwo31IAWYrBp4my+M7zSzA7hF8YE5cPtSR/jRjjHsm3NBQIOHknXW9lSR
         ggsVaR0teGmEY2aWTlhVhhqui9r0nB798l4DP7yyFEearT4IbYfThz9koJs0+saF6cXM
         +kBw==
X-Gm-Message-State: AOAM5328+ho5i5wFoZX2JnwR957YM+HAVKK4NLzlTD8IQjrtzUVlRM+m
	hCGdem4UjvVXvGOUEMnTy8Foigx2S8Q4SitU3E3vjL4jkSg=
X-Google-Smtp-Source: ABdhPJziuatqp2LqWSLQ7dFggh6mnDBGlT9C/80oNO4Iy4XRKZ6Ej79SvJJGP+aEIewad+pmpgQuBX3wH5WqGZobk/4=
X-Received: by 2002:a05:6402:139a:: with SMTP id b26mr3544843edv.47.1611327694776;
 Fri, 22 Jan 2021 07:01:34 -0800 (PST)
MIME-Version: 1.0
Received: by 2002:a17:906:3f91:0:0:0:0 with HTTP; Fri, 22 Jan 2021 07:01:34
 -0800 (PST)
In-Reply-To: <7AF49F1D-0B66-4C09-B7BA-32FB34872CAF@stanleylieber.com>
References: <154A2B81E5307985989F46BE958ACBAC@eigenstate.org>
 <e3731a6b-536f-4eeb-b4ff-99fbf4b1dd4d@sirjofri.de> <F5EE84AC-F5A1-4495-A750-F9B0B4C507A5@stanleylieber.com>
 <CAFSF3XMA8MW8JHzNCKzJjqi236Jm6cHB30BpMx9fs4vzMHBarw@mail.gmail.com>
 <84C199F8-15A4-4434-AD56-A35AB5CC6F4A@stanleylieber.com> <CAFSF3XMA3k7QQLunbbgdKpebtKdFiOqty=Ndk+2S2igOhuJwcg@mail.gmail.com>
 <CAFSF3XM5cYHSjQnw0q1NUB1Mp_TqCz9VDE5T1RC6xEdjH5urcA@mail.gmail.com>
 <A3D46C22-70B4-4CA3-8D5E-9496A0DB9DB4@stanleylieber.com> <CAFSF3XNxBtaffs4XVGLvdnD9bb=Rm1jbx6CDDBgQDK0+eBkqjg@mail.gmail.com>
 <7AF49F1D-0B66-4C09-B7BA-32FB34872CAF@stanleylieber.com>
From: hiro <23hiro@gmail.com>
Date: Fri, 22 Jan 2021 16:01:34 +0100
Message-ID: <CAFSF3XOGL2B68KYpAheRvwW2GEFHan=2rSu8CZB=xcXndL6+VQ@mail.gmail.com>
To: 9front@9front.org
Content-Type: text/plain; charset="UTF-8"
List-ID: <9front.9front.org>
List-Help: <http://lists.9front.org>
X-Glyph: ➈
X-Bullshit: cache plugin just-in-time generator 
Subject: Re: [9front] user none: cwfs vs hjfs
Reply-To: 9front@9front.org
Precedence: bulk

well there's a lot of truth in that joke.

and it really does look like they thought about proper security
concepts. but providing a nice basis, an OS, and making sure every
program uses it correctly are two different things.

it might be that this dissonance can be explained some other way. for
example if the people involved in making the email stuff were
different folks, who didn't know how to fit into that security
architecture.

as email has proven to be a longer-term thing after all, perhaps it's
worth fixing the broken upas assumptions so that upas fits again with
the rest of this system.

On 1/22/21, Stanley Lieber <sl@stanleylieber.com> wrote:
> On January 22, 2021 4:14:24 AM EST, hiro <23hiro@gmail.com> wrote:
>>> do you seriously not follow what i'm saying here or are you just trying
>>> to
>>> map out a solution?
>>
>>i was trying to imagine out loud how the existing security
>>architecture could be utilized as fully as possible.
>>
>>i am not saying it is the best solution, just trying to stay on the
>>track that the bell-labs people have laid out.
>>
>>i am not saying we didn't break it. but if we know the intent of the
>>basic architecture we might be able to fix it without creating a
>>second system.
>>
>
> yeah, i'm with you there. i really think they just tried to sidestep this
> whole issue by stipulating anyone with fs access was trusted. remember the
> "joke" about securing the fs by locking the server room door?
>
> sl
>