Re: [9front] user none: cwfs vs hjfs

[Stanley Lieber <sl@stanleylieber.com>]

On January 22, 2021 10:01:34 AM EST, hiro <23hiro@gmail.com> wrote:
>well there's a lot of truth in that joke.
>
>and it really does look like they thought about proper security
>concepts. but providing a nice basis, an OS, and making sure every
>program uses it correctly are two different things.
>
>it might be that this dissonance can be explained some other way. for
>example if the people involved in making the email stuff were
>different folks, who didn't know how to fit into that security
>architecture.
>
>as email has proven to be a longer-term thing after all, perhaps it's
>worth fixing the broken upas assumptions so that upas fits again with
>the rest of this system.
>
>On 1/22/21, Stanley Lieber <sl@stanleylieber.com> wrote:
>> On January 22, 2021 4:14:24 AM EST, hiro <23hiro@gmail.com> wrote:
>>>> do you seriously not follow what i'm saying here or are you just trying
>>>> to
>>>> map out a solution?
>>>
>>>i was trying to imagine out loud how the existing security
>>>architecture could be utilized as fully as possible.
>>>
>>>i am not saying it is the best solution, just trying to stay on the
>>>track that the bell-labs people have laid out.
>>>
>>>i am not saying we didn't break it. but if we know the intent of the
>>>basic architecture we might be able to fix it without creating a
>>>second system.
>>>
>>
>> yeah, i'm with you there. i really think they just tried to sidestep this
>> whole issue by stipulating anyone with fs access was trusted. remember the
>> "joke" about securing the fs by locking the server room door?
>>
>> sl
>>
>

there is definitely a disconnect between "everyone uses the same fs" and the way they implemented all these services for mere users.

sl