At Wed, 13 Jul 2005 18:17:31 +0200, [EMAIL PROTECTED] (Ludovic Courtès) wrote: > Marcus Brinkmann <[EMAIL PROTECTED]> writes: > Only in some cases do processes need to have "absolute authenticity" > proofs, that is, authenticity wrt. what the machine's administrator > intends to do. For instance, `passwd' needs to make sure the data it is > accessing is the one _it_ created earlier.
Ah, nice observation. But even that is relativ of course: What if I run a sub-hurd under my own user ID: With my own authentication server, root filesystem etc? Then of course the enclosed passwd wants to use the passwd file from _that_ root filesystem... > (I guess persistence comes > in handy here because such sensitive programs do not need to expose > their state publicly and need not rely on an authentic file server.) Yeah, persistency seems to be help a lot here. > It looks like I'm just repeating the same things over, but it really > helps me understand the issue. ;-) Nah, we are still fine tuning it :) Marcus _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
