TrustedBSD Extensions Project
stanislav shalunov
shalunov at att.com
Wed Apr 12 23:41:17 GMT 2000
> From: David Collier-Brown - Sun Canada <davecb at scot.canada.sun.com>
> stanislav shalunov <shalunov at att.com> wrote:
> | Traditional unix filesystem semantic provides the capability of
> | "including or excluding access to the granularity of a single user."
> | Only root can do it,
>
> Could you expand on this? I've been around since v6,
> but I don't recollect seeing it...
I am referring simply to the ability to create a group and place
arbitrary set of users into it (and chgrp the necessary filesystem
object(s)).
> | No. You ask to transfer this data to SCSI ID 3, block 45467.
> | The controller decides to write to SCSI ID 1, block 45467.
>
> That's interesting... if it was intentional, it would be a
> covert channel. [If it were unintentional and probabalistic,
> it would crash your filesystem eventually, and so get caught
> by QC or an enraged user.]
It could be a rare probabilistic hardware failure. (And was initially
an illustration of the trivial fact that without hardware verification
no software measures are enough.)
> | Why would I buy anything from HP?
> Well, performance, price and reliability, for three (;-))
Right. Last time I talked to HP salespeople, they were trying to sell
us a High Availability Storage Solution for a little over $1M. It
used a single M$ Windows 98 PC as a firewall into the internals of the
storage system, which also served as monitoring and administration
station.
I'm not kidding.
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message
More information about the trustedbsd-discuss
mailing list