On Feb 13, 2006, at 6:28 PM, Joshua Hoblitt wrote:
On Mon, Feb 13, 2006 at 08:09:45PM -0000, Jonathan Worthington wrote:
I agree with Chris on minimising the number of places we do security stuff as far as is sensible. However, I would think that the interface for doing sandboxing-style stuff would allow restriction of certain types of operation (e.g. filesystem access) rather than individual operations, though, so as to help eliminate the moving-target issue.
It's pretty clear from this thread that we are underspecced on both the I/O and security subsystems. Hopefully Chip can chime in on this...
-J
IO's underspecced; docs/ROADMAP.pod lists many TODOs regarding the IO subsystem (and is outdated). Socket support isn't specced, and directory handling isn't specced at all. The security PDD is outdated and seems more concept and imagining possibilities than saying how it should be implemented. In essence, from what I can tell, if it's not implemented yet, it seems as though it's underspecced for how it should be.