in some cases, plan 9's coincidental inability to run modern programs that do unpredictable and undesirable things is a useful feature. mothra, for example, doesn't even handle many html tags, but it also doesn't execute unknown server-supplied code on my terminal. how can i be sure? because the program is small enough to read and understand, and, having done so, i can be reasonably certain that it contains no code to do so. quite aside from having the functions accidentally or surreptitiously enabled, the functions simply don't exist. with most modern "useful" programs (and their dependencies), understanding the code isn't a valid approach to security, because your lifetime is too short a span to read -- much less comprehend -- the contents of the source directory. this is compounded by numerous and constant revisions to already unreadably massive piles of code.
what does a given useful program do? who can really say? harvey seems interesting, but its main objective seems inextricably tied to throwing the strength of plan 9's simplicity and relative isolation out the window. sl On Jul 27, 2015, 10:34 AM, at 10:34 AM, Charles Forsyth <[email protected]> wrote: >On 27 July 2015 at 15:19, Anthony Sorace <[email protected]> wrote: > >> (for many, it’s pretty >> much just a browser) >> > >One of the reasons mere POSIX isn't enough is that there are many >non-POSIX >tendrils that have worked their way throughout the system, >notably d-bus and now systemd, but there are many others, and the "just >a >browser" has started to interact with all of them. >https://code.google.com/p/chromium/issues/detail?id=388628
