[EROS-Arch] Error logging

Ben Laurie ben@algroup.co.uk
Tue, 25 Sep 2001 20:16:44 +0100


"Jonathan S. Shapiro" wrote:
> 
> > OK, I see what you are saying - but since the TCB is in the hands of
> > (one of) the user(s), all the inner workings are surely already
> > available to the user(s), are they not?
> 
> Not in the normal case. Much of the TCB is only accessible under disk
> forensics, because it is controlled by primordial software. How many people
> do you know who are willing to run fsdb? It's really easy to permanently
> screw up a disk with fsdb!
> 
> This is not an absolute impediment, but it presents to the user a level of
> both technical difficulty and practical risk that for many developers it
> constitutes an acceptable disincentive to discovery.

I'm all for pragmatism, but basing your security primitives on such
ideas seems erroneous to me.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff