Friendly and Secure Desktop Operating System

Terry Lambert tlambert2 at mindspring.com
Tue Oct 28 22:16:19 PST 2003


Timo Sirainen wrote:
> That is the potentially difficult part to get secure while still being
> user friendly.

Actually, the potentially difficult part is booting.

In order to boot, you have to have an initial delegation of all
authority to something that is allowed to redelegate it to other
parts of the system, applications, etc.

It also has to be the intermediary to delegating the authority
to the user who you are trusting to tell you whether or not you
are allowed to delegate authority to arbitrary programs.

Short of building a serial number into each processor, and making
it an unprivileged, untrappable machine instruction to obtain
the serial number from the processor and then use it to be able
to cryptographically implement (without having to actually trust
the kernel you are running on) authentication, authorization, and
non-repudiation (this last one is the stumbling block for privacy
advocates and the love-child of the RIAA and MPAA), there's really
no way to accomplish any of this reliably.

-- Terry
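The post describes a chain of delegation: a root authority at boot, an intermediary that hands authority to the user, and the user who hands a narrower slice to individual programs. The following is an added example (not from the post, and not FreeBSD code) that models that chain as macaroon-style HMAC-chained delegation tokens: each holder can pass on a subset of what it was given, but cannot widen it or strip the steps before it, and only the root authority can verify a token. The device secret, holder names and permission names are constructed for the illustration; the root key here lives in software, so it is only as trustworthy as whatever holds it, which is exactly the gap the post points at.

```python
"""Added illustration of an attenuating delegation chain rooted in a
per-device secret.  Constructed example; not code from the post."""
import hashlib
import hmac
from dataclasses import dataclass
from typing import FrozenSet, Optional, Tuple

Step = Tuple[str, FrozenSet[str]]   # (holder, permitted operations)


@dataclass(frozen=True)
class Delegation:
    chain: Tuple[Step, ...]   # every holder so far, root-most first
    tag: bytes                # HMAC chained over the whole path


def _encode(holder: str, permitted: FrozenSet[str]) -> bytes:
    # Canonical, order-independent encoding so the HMAC is deterministic.
    return f"{holder}|{','.join(sorted(permitted))}".encode()


def _chain(key: bytes, holder: str, permitted: FrozenSet[str]) -> bytes:
    # Each step keys the HMAC with the previous tag: a holder can append a
    # further step but cannot recompute or remove the steps before it.
    return hmac.new(key, _encode(holder, permitted), hashlib.sha256).digest()


def root_key(device_secret: bytes) -> bytes:
    """Key of the boot-time authority, derived from a secret only the
    machine knows (a software stand-in for the per-processor identity)."""
    return hashlib.sha256(b"boot-authority-v1|" + device_secret).digest()


def issue(root: bytes, holder: str, permitted: FrozenSet[str]) -> Delegation:
    """Initial delegation of authority from the root to the first holder."""
    return Delegation(((holder, permitted),), _chain(root, holder, permitted))


def redelegate(tok: Delegation, holder: str,
               permitted: FrozenSet[str]) -> Delegation:
    """A holder passes on a subset of what it was itself given."""
    if not permitted <= tok.chain[-1][1]:
        raise ValueError("cannot redelegate more than was delegated")
    return Delegation(tok.chain + ((holder, permitted),),
                      _chain(tok.tag, holder, permitted))


def verify(root: bytes, tok: Delegation) -> Optional[FrozenSet[str]]:
    """Recompute the chain from the root key.  Returns the effective
    permission set, or None if any step escalates or the tag is wrong."""
    key = root
    allowed: Optional[FrozenSet[str]] = None
    for holder, permitted in tok.chain:
        if allowed is not None and not permitted <= allowed:
            return None              # an intermediary tried to widen authority
        key = _chain(key, holder, permitted)
        allowed = permitted
    if allowed is None or not hmac.compare_digest(key, tok.tag):
        return None
    return allowed


def demo():
    """root -> init -> user -> application, plus one tampered token."""
    root = root_key(b"constructed-device-secret-0001")
    init = issue(root, "init", frozenset({"read", "write", "net"}))
    alice = redelegate(init, "user:alice", frozenset({"read", "write"}))
    editor = redelegate(alice, "app:editor", frozenset({"write"}))
    # Forgery attempt: reuse the valid tag but edit the last step so the
    # application claims more than alice was ever allowed to give it.
    widened = (("app:editor", frozenset({"read", "write", "net"})),)
    forged = Delegation(editor.chain[:-1] + widened, editor.tag)
    return verify(root, editor), verify(root, forged)


if __name__ == "__main__":
    print(demo())   # (frozenset({'write'}), None)
```

Verification deliberately requires the root key: nobody further down the chain can check a token on its own, which mirrors the post's point that everything hangs off the initial holder of all authority.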

