From mboxrd@z Thu Jan 1 00:00:00 1970
From: bakul@bitblocks.com (Bakul Shah)
Date: Mon, 25 Sep 2017 09:14:13 -0700
Subject: [TUHS] UNIX of choice these days?
In-Reply-To:
References: <20170923091704.GD10152@darioniedermann.it> <20170924140617.GG28606@mcvoy.com> <20170924203621.GA80203@wopr> <49B7FCB8-A086-4FFB-AF3B-4B3BD167EC54@bitblocks.com> <20170925005702.38377156E523@mail.bitblocks.com>
Message-ID: <94BE6C6C-9625-4614-A92C-1741A55DA390@bitblocks.com>

I have known about capsicum (& have been a fan of capabilities since the late 70s - even used a form of them in my last job!) but my point was to suggest unix kernel simplification and something like that may fall out naturally rather than having to be bolted on.

Rather than write an OS from scratch, incrementally evolve what works. Writing something from scratch is always easier but you also end up relearning the same lessons + much harder to get acceptance. But an embrace and extend model ala C to C++ or what GNU programs have done stands a better chance. Except that I’m suggesting “extending” by simplifying!

> On Sep 25, 2017, at 8:45 AM, Tony Finch wrote:
>
> Bakul Shah wrote:
>>
>> I think a few changes can make Unix much more plan9 like.
>> Things like: file descriptors are actually capabilities (or
>> handles, for short) and each process starts with a set of
>> handles and it can only reach those resources that its handles
>> allow. It can also gain new handles via operations on existing
>> handles. Right here you can see that a process is already
>> sandboxed. You don't need containers or jails!
>
> You can opt-in to this way of working by using the capsicum API,
> http://www.cl.cam.ac.uk/research/security/capsicum/
> but that's really intended for programs to discipline themselves rather
> than as something pervasive.
>
> Tony.
> --
> f.anthony.n.finch http://dotat.at/ - I xn--zr8h punycode
> Portland, Plymouth, Biscay: Northwest 4 or 5, becoming variable 3 or 4 later.
> Moderate or rough, becoming slight or moderate. Mainly fair. Moderate or good.
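The "opt-in discipline" Tony describes is easiest to see in code: a process pre-opens a directory handle, restricts it, enters capability mode, and from then on can only reach files by deriving new handles from the one it holds (openat(2) on the directory fd). The program below is an added example written for this page, not code from the thread or from the Capsicum project. Assumptions: the Capsicum calls (cap_enter, cap_rights_limit, ECAPMODE) are compiled in only on FreeBSD and become no-ops elsewhere, so on Linux the same convention holds only in userland; the fixture directory under /tmp, the file name note.txt and its contents are constructed for the demo.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/stat.h>
#include <sys/wait.h>
#ifdef __FreeBSD__
#include <sys/capsicum.h>   /* cap_enter(2), cap_rights_limit(2) */
#endif

#define FIXTURE_TEXT "hello from the sandbox\n"   /* constructed sample */

/* Restrict a directory handle to lookup and read below it. Kernel-enforced
 * on FreeBSD; a no-op elsewhere (assumption: keep the example portable). */
static int limit_dir_handle(int dirfd)
{
#ifdef __FreeBSD__
    cap_rights_t rights;
    cap_rights_init(&rights, CAP_LOOKUP, CAP_READ);
    return cap_rights_limit(dirfd, &rights);
#else
    (void)dirfd;
    return 0;
#endif
}

/* Enter capability mode. Returns 1 if the kernel now refuses every access
 * that does not go through an already-held handle, 0 if it cannot. */
static int enter_sandbox(void)
{
#ifdef __FreeBSD__
    return cap_enter() == 0;
#else
    return 0;
#endif
}

/* Derive a file handle from a directory handle: the only way to reach a
 * file. Absolute paths and any ".." component are refused (crude but
 * conservative) so the convention holds even without kernel enforcement. */
static int open_below(int dirfd, const char *relpath)
{
    if (relpath[0] == '/' || strstr(relpath, "..") != NULL) {
        errno = EACCES;
        return -1;
    }
    return openat(dirfd, relpath, O_RDONLY | O_CLOEXEC);
}

/* Work done inside the sandbox. Returns a bitmask:
 *   1  file read through a handle derived from the directory handle
 *   2  escape attempts (absolute path, "..") refused by open_below
 *   4  kernel enforced capability mode: ambient open() failed, ECAPMODE */
static int sandboxed_worker(int dirfd)
{
    int result = 0;
    if (limit_dir_handle(dirfd) != 0)
        return -1;
    int enforced = enter_sandbox();

    int fd = open_below(dirfd, "note.txt");
    if (fd >= 0) {
        char buf[64] = {0};
        ssize_t n = read(fd, buf, sizeof buf - 1);
        if (n > 0 && strcmp(buf, FIXTURE_TEXT) == 0)
            result |= 1;
        close(fd);
    }
    if (open_below(dirfd, "/etc/passwd") < 0 &&
        open_below(dirfd, "../note.txt") < 0)
        result |= 2;
#ifdef __FreeBSD__
    if (enforced) {
        int amb = open("/etc/passwd", O_RDONLY);   /* ambient namespace */
        if (amb < 0 && errno == ECAPMODE)
            result |= 4;
        else if (amb >= 0)
            close(amb);
    }
#else
    (void)enforced;
#endif
    return result;
}

/* Build the constructed fixture, run the worker in a child (capability mode
 * is irreversible per process, so the parent stays outside it to clean up),
 * and return the worker's bitmask, or -1 on setup failure. */
static int run_demo(void)
{
    char dir[] = "/tmp/capdemo.XXXXXX";
    if (mkdtemp(dir) == NULL)
        return -1;
    int dirfd = open(dir, O_RDONLY | O_DIRECTORY | O_CLOEXEC);
    if (dirfd < 0)
        return -1;
    int fd = openat(dirfd, "note.txt", O_WRONLY | O_CREAT | O_TRUNC, 0600);
    if (fd < 0 || write(fd, FIXTURE_TEXT, strlen(FIXTURE_TEXT)) < 0)
        return -1;
    close(fd);

    int result = -1;
    pid_t pid = fork();
    if (pid == 0) {
        int r = sandboxed_worker(dirfd);
        _exit(r < 0 ? 255 : r);
    }
    if (pid > 0) {
        int status;
        if (waitpid(pid, &status, 0) == pid && WIFEXITED(status))
            result = WEXITSTATUS(status) == 255 ? -1 : WEXITSTATUS(status);
    }
    unlinkat(dirfd, "note.txt", 0);
    close(dirfd);
    rmdir(dir);
    return result;
}

int main(void)
{
    int r = run_demo();
    printf("derived handle read: %s\n", (r & 1) ? "yes" : "no");
    printf("escape refused:      %s\n", (r & 2) ? "yes" : "no");
    printf("kernel enforced:     %s\n",
           (r & 4) ? "yes (Capsicum)" : "no (convention only)");
    return r < 0 ? 1 : 0;
}
```

On FreeBSD the third line prints "yes": after cap_enter() the raw open("/etc/passwd") fails with ECAPMODE regardless of what open_below does, which is the "process is already sandboxed by its handles" property from the quoted message. On Linux the same program runs but only the userland check stands between the worker and the global namespace, which is exactly why Tony calls the API a way for programs to discipline themselves rather than something pervasive.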