wiz & Dan Sugalski & wiz wrote:
> This is a start, which is very good, but I'm pretty sure that this is
> taking things from the wrong angle to some extent.
>
> In general, if everyone's mostly familiar with just Unix's security model
> I'd really, *really* urge you to read up on other models.

Hey Ho !!  Solaris being open sourced pretty soon... has those ACLs, I think.

We might have to give them endless grief over that bogus license (see Ben
Tilly, et al... he won't talk to me anymore, oops ;) but we can still cut and
paste and refine.

Security is a subject of endless emotion for me.  After a decade working on
the top financial insider plums, Moody's Bond Ratings DB for one, I am now
working on _the_ most critical installation.

Nonetheless the creeps running these operations clearly support the
scorched earth model (human... which extends to Randal Schwartz)***

So it is w/ anxiety that I say that I don't believe the security model
applies to Perl but belongs in the basic module set.  Unix provides all the
security I need, I am a popular but lonely proponent of SUID wrt CGIs.

In my model Perl is tight and quick, virtually all that isn't a primitive is
an object emitted from a CPANTS server or read from the disk, preferably in
text encapsulating optional machine code, like a tar file (gnu src??).  Upon
being evaled a (least|most)-recently-used algo decides what resides in
storage between power cycles.  The distributed core Perl then, is what you
need it to be, allowing the tiny and titanic to exist in the same compile
environment.

I guess the key word for any emitted/received class is _eval_ and that
better have some pretty tight authentication, possibly encryption, around it,
defining the core of any security model.

My dataserver DepthDB, plays w/ this using basic MD5, the <secret> known on
both sides, though I never got around using the B:: modules to serialize
code w/ the data structures :(

Just as a tease, my Perl (possibly Ruby) thinman.com uses a Dvorak "amputee"
keyboard... designed after WWII.  It redlines at 60 wpm... fine for the
cheat'n factor of my embryonic operations consultancy.





Societal Ramble
=========================================
*** This crowd seems to hate bicycles as well, I suspect this all has
something to do w/ the Vietnam war.  Truth be told, many got shot in the
back for leading senseless attacks.
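
The eval-behind-authentication idea from the post, sketched as an added example that is not part of the original message and is not DepthDB's code. It swaps the post's plain MD5 for HMAC-SHA256 from Digest::SHA; the secret, the tag-then-source envelope layout and all function names are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use Digest::SHA qw(hmac_sha256_hex);

# Constructed shared secret for the demo; a real one is provisioned out of band.
my $SECRET = 'constructed-demo-secret';

# Sender side: prefix the source text with an HMAC-SHA256 tag computed over it.
sub seal_code {
    my ($source) = @_;
    return hmac_sha256_hex($source, $SECRET) . "\n" . $source;
}

# Compare two strings without stopping at the first differing byte.
sub tags_equal {
    my ($x, $y) = @_;
    return 0 unless length($x) == length($y);
    my $diff = 0;
    $diff |= ord(substr($x, $_, 1)) ^ ord(substr($y, $_, 1)) for 0 .. length($x) - 1;
    return $diff == 0;
}

# Receiver side: eval only if the tag verifies; otherwise refuse.
sub eval_if_authentic {
    my ($envelope) = @_;
    my ($tag, $source) = split /\n/, $envelope, 2;
    die "malformed envelope\n"
        unless defined $source && $tag =~ /\A[0-9a-f]{64}\z/;
    die "bad tag, refusing to eval\n"
        unless tags_equal($tag, hmac_sha256_hex($source, $SECRET));
    my $result = eval $source;
    die "received code failed: $@" if $@;
    return $result;
}

my $envelope = seal_code('sub { $_[0] * 2 }');   # constructed sample "class"
my $double   = eval_if_authentic($envelope);
print "authentic code ran: ", $double->(21), "\n";

# Change one character of the source in transit; verification must fail.
(my $tampered = $envelope) =~ s/\* 2/* 3/;
my $ok = eval { eval_if_authentic($tampered); 1 };
print "tampered code rejected: $@" unless $ok;
```

A valid tag shows only that the sender holds the secret; it says nothing about what the code does once evaled, and this envelope carries no nonce or timestamp, so a captured message can be replayed.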






