On the debate on which windowing systems to support....
On Mon, 26 Jun 2000, you wrote:
> Implementing some Unix environment and telling customers that
> we can run all of their old code.
> The security problems of Unix are in parts of the Unix architecture
> that legacy code may have been closely adapted to.
> The result will probably be an insecure system that is slower than Unix.
> (Slower due to Unix emulation)
> At least some of the legacy applications must be redone in order to
> gain security advantages of EROS/KeyKOS.
> Great gobs of legacy code may remain unaffected.
I had a debate with the project manager of OpenBSD (Theo de Raadt) about EROS where I was the EROS cheerleader. I'm paraphrasing his opinion here.... He said that essentially if EROS chooses to implement a POSIX mode in it then it is fundamentally doomed to inherit all the security vulnerabilities that are inherent in the design of POSIX - which are seemingly impossible to remove. Though I don't know as much about POSIX as he does, I also share his opinion.
IMHO the more you choose to reimplement, the more potential security and reliability improvement you gain, but also the more development hassle and potential insecurity through complex newness you take on... but dumping POSIX compatibility from the requirements seems to be a good thing. I'm all for it in EROS. Otherwise everyone working on EROS will be merely duplicating OpenBSD's work in building a secure POSIX OS. Not to say that two secure POSIX OSes would be bad - much better than today's 0.8. But variety is the spice of life and more kinds of secure and reliable OSes are a good thing, methinks. It would be nice to wander outside the confines of POSIX....
my 2c,
--dr
-- dursec.com ltd. / kyx.net - we're from the future http://www.dursec.com