From owner-freebsd-hackers@freebsd.org Sun Jan 6 20:28:03 2019 Return-Path: Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 325B91499899 for ; Sun, 6 Jan 2019 20:28:03 +0000 (UTC) (envelope-from wojtek@puchar.net) Received: from puchar.net (puchar.net [194.1.144.90]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "puchar.net", Issuer "puchar.net" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 00B828DB4C; Sun, 6 Jan 2019 20:28:01 +0000 (UTC) (envelope-from wojtek@puchar.net) Received: Received: from 127.0.0.1 (localhost [127.0.0.1]) by puchar.net (8.15.2/8.15.2) with ESMTPS id x06KS6kZ067693 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sun, 6 Jan 2019 21:28:06 +0100 (CET) (envelope-from puchar-wojtek@puchar.net) Received: from localhost (puchar-wojtek@localhost) by puchar.net (8.15.2/8.15.2/Submit) with ESMTP id x06KS04d067690; Sun, 6 Jan 2019 21:28:00 +0100 (CET) (envelope-from puchar-wojtek@puchar.net) Date: Sun, 6 Jan 2019 21:28:00 +0100 (CET) From: Wojciech Puchar To: Cy Schubert cc: Wojciech Puchar , Enji Cooper , Igor Mozolevsky , Alan Somers , Hackers freeBSD Subject: Re: Strategic Thinking (was: Re: Speculative: Rust for base system components) In-Reply-To: <201901061944.x06JiTwK004880@slippy.cwsent.com> Message-ID: References: <201901061944.x06JiTwK004880@slippy.cwsent.com> User-Agent: Alpine 2.20 (BSF 67 2015-01-07) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed X-Rspamd-Queue-Id: 00B828DB4C X-Spamd-Bar: ------ Authentication-Results: mx1.freebsd.org; spf=pass (mx1.freebsd.org: domain of wojtek@puchar.net designates 194.1.144.90 as permitted sender) smtp.mailfrom=wojtek@puchar.net X-Spamd-Result: default: False [-6.85 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-0.999,0]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+mx]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[puchar.net]; RCPT_COUNT_FIVE(0.00)[6]; RCVD_COUNT_THREE(0.00)[3]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[cached: puchar.net]; NEURAL_HAM_SHORT(-0.98)[-0.977,0]; RCVD_IN_DNSWL_NONE(0.00)[90.144.1.194.list.dnswl.org : 127.0.10.0]; IP_SCORE(-3.57)[ip: (-9.41), ipnet: 194.1.144.0/24(-4.70), asn: 43476(-3.76), country: PL(0.03)]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:43476, ipnet:194.1.144.0/24, country:PL]; MID_RHS_MATCH_FROM(0.00)[] X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Jan 2019 20:28:03 -0000 >> I use separate processes and don't feel the lack of security. I don't use >> capsicum too. > > Really? Explain, please. What to explain. I run program A as user A and program B as user B. Access rights on user A $HOME is 700 as well as user B. Both programs (it may be apache server) listens to some port on localhost One proxy servers presents them to outer world as webpage A and B. That's all. >> Could you explain it more precisely why standard process and user/group >> separation is insufficient? > > Why then did the industry move from mainframes to the client/server > model? > I don't understand what your question have to running programs on different users under unix. Mainframes are IBM System z or earlier computers. Very expensive. >> If something could be added then it would be limiting what ports can each >> user open. But it's not really a problem. > > The UNIX security model, even with ACLs, POSIX.1e, and capsicum, sucks. No explanation why. For me it's the best model i know. >> be made. > > They're self contained, linked against libraries in the container. So it should be possible to just put them on user account with all their files and run them. Unless author assumed it needs root privileges which is plain wrong. > > When you do your own thing you become irrelevant. Lucky for me I'm > close enough to retirement it doesn't matter however if I was younger Strange that you are not young and don't see that all of today "inventions" are solutions to nonexisting problems. >> >> Anyway if they prefer linux let they use linux. > > And 95% of the UNIX-like world does. Should we give up and become a > hobby O/S, like some other examples we can think of? The alternative is to become the same as linux which doesn't make sense.