Re: A sketch of the security model

2005-04-15 Thread Michael Walter
On 4/15/05, Shevek <[EMAIL PROTECTED]> wrote:
> > How can dropping a privilege for the duration of a (dynamic) scope be
> > implemented? Does this need to be implemented via a parrot intrinsic,
> > such as:
> >
> > without_privs(list_of_privs, code_to_be_run_without_these_privs);
> >
> > ..or is

Re: A sketch of the security model

2005-04-15 Thread Shevek
On Thu, 2005-04-14 at 09:11 -0400, Dan Sugalski wrote:
> At 10:03 PM -0400 4/13/05, Michael Walter wrote:
> > > Each running thread has two sets of privileges -- the active
> >> privileges and the enableable privileges. Active privs are what's
> >> actually in force at the moment, and can be dr

Re: A sketch of the security model

2005-04-15 Thread Shevek
On Wed, 2005-04-13 at 22:03 -0400, Michael Walter wrote:
> Dan,
>
> On 4/13/05, Dan Sugalski <[EMAIL PROTECTED]> wrote:
> > All security is done on a per-interpreter basis. (really on a
> > per-thread basis, but since we're one-thread per interpreter it's
> > essentially the same thing)
> Just to

Re: A sketch of the security model

2005-04-15 Thread Shevek
On Thu, 2005-04-14 at 09:51 -0700, Dave Whipp wrote:
> Dan Sugalski wrote:
>
> > All security is done on a per-interpreter basis. (really on a per-thread
> > basis, but since we're one-thread per interpreter it's essentially the
> > same thing)
> ...
> >* Number of open files
> >* IO ope

Re: A sketch of the security model

2005-04-15 Thread Shevek
On Wed, 2005-04-13 at 17:51 -0400, Aaron Sherman wrote:
> On Wed, 2005-04-13 at 17:01, Dan Sugalski wrote:
> > So here's what I was thinking of for Parrot's security and quota
> > model. (Note that none of this is actually *implemented* yet...)
> [...]
> > It's actually pretty straightforward, the

Re: A sketch of the security model

2005-04-15 Thread Shevek
Someone's pointed this thread out to me, so I'm going to shove an oar in following a few posts. I've done a fair bit of security work, so feel free to ask me to explain, justify or provide references for anything.

On Wed, 2005-04-13 at 17:01 -0400, Dan Sugalski wrote:
> All security is done on a p

Re: A sketch of the security model

2005-04-14 Thread Aaron Sherman
On Thu, 2005-04-14 at 13:22 -0400, Dan Sugalski wrote:
> Anyway, a number of people I deeply respect (and who do this sort of
> thing for a living, at deep levels) have told me flat-out that we're
> better not having a security system than we are trying to roll our
> own, and the common respons

Re: A sketch of the security model

2005-04-14 Thread Dan Sugalski
At 9:51 AM -0700 4/14/05, Dave Whipp wrote: Dan Sugalski wrote: All security is done on a per-interpreter basis. (really on a per-thread basis, but since we're one-thread per interpreter it's essentially the same thing) ... * Number of open files * IO operations/sec * IO operations total

Re: A sketch of the security model

2005-04-14 Thread Dan Sugalski
At 5:51 PM -0400 4/13/05, Aaron Sherman wrote: On Wed, 2005-04-13 at 17:01, Dan Sugalski wrote: So here's what I was thinking of for Parrot's security and quota model. (Note that none of this is actually *implemented* yet...) [...] It's actually pretty straightforward, the hard part being the wh

Re: A sketch of the security model

2005-04-14 Thread Dave Whipp
Dan Sugalski wrote: All security is done on a per-interpreter basis. (really on a per-thread basis, but since we're one-thread per interpreter it's essentially the same thing) ... * Number of open files * IO operations/sec * IO operations total ... Can an "application" get more resources

Re: A sketch of the security model

2005-04-14 Thread Dan Sugalski
At 10:44 AM -0400 4/14/05, Aaron Sherman wrote: On Thu, 2005-04-14 at 09:11, Dan Sugalski wrote: At 10:03 PM -0400 4/13/05, Michael Walter wrote: >On 4/13/05, Dan Sugalski <[EMAIL PROTECTED]> wrote: >> All security is done on a per-interpreter basis. (really on a >> per-thread basis, but sin

Re: A sketch of the security model

2005-04-14 Thread Aaron Sherman
On Thu, 2005-04-14 at 09:11, Dan Sugalski wrote:
> At 10:03 PM -0400 4/13/05, Michael Walter wrote:
> >On 4/13/05, Dan Sugalski <[EMAIL PROTECTED]> wrote:
> >> All security is done on a per-interpreter basis. (really on a
> >> per-thread basis, but since we're one-thread per interpreter it's
> >

Re: A sketch of the security model

2005-04-14 Thread Dan Sugalski
At 10:03 PM -0400 4/13/05, Michael Walter wrote: Dan, On 4/13/05, Dan Sugalski <[EMAIL PROTECTED]> wrote: All security is done on a per-interpreter basis. (really on a per-thread basis, but since we're one-thread per interpreter it's essentially the same thing) Just to get me back on track: Does

Re: A sketch of the security model

2005-04-13 Thread Michael Walter
Dan,

On 4/13/05, Dan Sugalski <[EMAIL PROTECTED]> wrote:
> All security is done on a per-interpreter basis. (really on a
> per-thread basis, but since we're one-thread per interpreter it's
> essentially the same thing)

Just to get me back on track: Does this mean that when you spawn a thread, a se

Re: A sketch of the security model

2005-04-13 Thread Aaron Sherman
On Wed, 2005-04-13 at 17:01, Dan Sugalski wrote:
> So here's what I was thinking of for Parrot's security and quota
> model. (Note that none of this is actually *implemented* yet...)

[...]

> It's actually pretty straightforward, the hard part being the whole
> "don't screw up when implementing" t

A sketch of the security model

2005-04-13 Thread Dan Sugalski
So here's what I was thinking of for Parrot's security and quota model. (Note that none of this is actually *implemented* yet...) All security is done on a per-interpreter basis. (really on a per-thread basis, but since we're one-thread per interpreter it's essentially the same thing) QUOTAs a