[cap-talk] The Hurd and Capabilities

Neal H. Walfield neal at walfield.org
Thu Aug 10 06:06:46 EDT 2006

At Wed, 02 Aug 2006 17:20:09 -0700,
Jed at Webstart wrote:
> Regarding the Hurd and capabilities - has anybody done a network
> extension of capabilities for the Hurd?  Nobody on this should be
> surprised to hear me say that I believe such an extension should
> be written and tested before any Hurd capability mechanism is
> "finalized".  If it has been done I'd be very interested to hear how it
> went.  If not I'd like to know why not.

The Hurd, in its current form, runs on top of Mach and uses Mach's
ports as the basis of its capability framework.  Mach supported
network transparent IPC and there is no Hurd policy from preventing
such a mechanism from being reintroduced.

> Is there a general summary of capabilities in the Hurd somewhere?

I, in conjunction with Marcus Brinkmann, am currently writing a
critique of the Hurd's architecture.  My question was spurned from
this effort.  Since you're interested, I will forward you the document
as it approaches a more finalized form.

> Does anybody believe the Hurd has a chance to be a capability base
> to build from that many of us are looking for (why or why not?)?

On of the forming goal of the Hurd was to build a system which
improved ease of use.  Unix mechanisms, it was observed, often imposed
arbitrary policies.  Why can't users create their own file systems,
for instance?  The question the Hurd designers tried to answer was:
how can we eliminate the inconvenient policies from the mechanisms?
Fine grained objects and virtualizable interfaces were the answer they
came up with.

Security is mentioned as an important goal [1]: neither programs nor
users should be able to harm each other.  This conception of security
contrasts itself quite sharply with security as information flow
control policy.  His experiences accrued during the 80s and the very
start of the 90s informed the case studies used in designing and
evaluating the Hurd and likely did not include malicious threats.

> I'd particularly like to know how far this statement goes:
> (from: http://www.gnu.org/software/hurd/hurd.html ):
> it's compatible
>      The Hurd provides a familiar programming and user environment. 
> For all intents and purposes, the Hurd is a modern Unix-like kernel. 
> The Hurd uses the GNU C Library, whose development closely tracks 
> standards such as ANSI/ISO, BSD, POSIX, Single Unix, SVID, and X/Open.

This is true.  If you look at the Debian distribution of the Hurd,
many of the problems getting packages to run on the Hurd are that the
software assumes or requires Linux.  It is rarer that where the Hurd
diverges from e.g. POSIX proves a practical problem.


[1] http://www.gnu.org/software/hurd/hurd-paper.html

More information about the cap-talk mailing list