Date: Tue, 22 Dec 1998 01:12:49 +0100 From: Eivind Eklund <eivind@yes.no> To: Mark Murray <mark@grondar.za>, Matthew Dillon <dillon@apollo.backplane.com> Cc: Dag-Erling Smorgrav <des@flood.ping.uio.no>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG Subject: Re: cvs commit: src/etc rc.conf Message-ID: <19981222011249.I14124@follo.net> In-Reply-To: <199812212113.XAA63667@greenpeace.grondar.za>; from Mark Murray on Mon, Dec 21, 1998 at 11:13:26PM %2B0200 References: <199812212012.MAA47267@apollo.backplane.com> <199812212113.XAA63667@greenpeace.grondar.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Dec 21, 1998 at 11:13:26PM +0200, Mark Murray wrote: > The "sandbox" concept in Unix is quite badly flawed. Given that in > Java it is difficult enough to implement properly, trying to do it > in Unix is JA impossible. The next-best approach is to fix the > software, not break the OS. Running Unix software in sandboxes is a good thing, as long as it is as _part_ of a security setup. You're not supposed to be using this as an excuse to not fix the other software - you're supposed to use it as a way of making sure that a problem in your other fix will have less impact. Normal layered security models. Eivind. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19981222011249.I14124>