Jonathan S. Shapiro wrote on 10/26/2005 05:28 PM this:
> On Wed, 2005-10-26 at 16:13 +0200, Alfred M. Szmidt wrote:
>
>>    Web browsers
>>    Email readers
>>    Word processors
>>    Document browsers (e.g. acrobat, xpdf, ghostview)
>>
>> All those run in a jail of sorts: the current user. What would be
>> nifty is a way to allow a user to make sub-users, where he can
>> encapsulate a program and only give write/read access to a specific
>> directory. Which is possible to do with any extensive rewrites I
>> think.
>
> Typo: I believe you meant to write "... *without* any extensive
> rewrites"
>
> I have often thought about doing something like this, because it would
> be very attractive to be able to rescue the design model of current
> systems. Here is what I believe it would take:
>
> 1. A model of "user" that is hierarchical, in the sense that I can
>    add and destroy new pseudo-users that are subordinate to me.
>
> 2. A real ACL implementation in the file systems
>
> 3. A very efficient way to visit all of the files that *I* have access
>    to and grant access to a new, subordinate user.
>
> I have always failed to achieve the third part. If the actual number of
> necessary configurations can be kept very small, I can see that a
> statically preconfigured "safe subset" is possible. What I do not see is
> how to efficiently build a similar thing dynamically, in a way that is
> specific to the particular application that I am trying to run at the
> moment. By the time my protection agent is done visiting all of the
> necessary files, I have taken far longer than I can afford.

Maybe I am missing something, but a concept which comes to my mind that
could solve the third part is a concept published in [1].

[1] http://os.inf.tu-dresden.de/papers_ps/icdcs97.ps.gz
    Haertig, Reuther: "Encapsulating Mobile Objects" (ICDCS, 1997)

Greetings,
Ron.
-- 
Mit freundlichen Gruessen / with regards
ra3 @ inf.tu-dresden.de
http://os.inf.tu-dresden.de/~ra3/
