Re: kernel stack challenge

From: Kevin Fox
Date: Mon Apr 05 2004 - 16:54:41 EST

Next message: Andrew Morton: "Re: [patch] v4l: documentation update"
Previous message: Christian Kujau: "Re: 2.6.5-pre* does not boot on my PReP PPC"
In reply to: Sergiy Lozovsky: "Re: kernel stack challenge"
Next in thread: Robin Rosenberg: "Re: kernel stack challenge"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 2004-04-05 at 14:30, Sergiy Lozovsky wrote:
> --- Timothy Miller <miller@xxxxxxxxxxxxxx> wrote:
> >
> >
> > Sergiy Lozovsky wrote:
> >
> > >
> > >
> > > All LISP errors are incapsulated within LISP VM.
> > >
> >
> >
> > A LISP VM is a big, giant, bloated.... *CHOKE*
> > *COUGH* *SPUTTER*
> > *SUFFOCATE* ... thing which SHOULD NEVER be in the
> > kernel.
>
> It is a smallest interpreter (of all purpose language)
> I was able to find. My guess is that you refer to the
> Common Lisp. it is huge and I don't use it.
>

How about BF? ;)

I would think something like forth might be a better fit then lisp.

> >
> > If you want to use a more abstract language for
> > describing kernel
> > security policies, fine. Just don't use LISP.
>
> Point me to ANy langage with VM around 100K.
>
> > The right way to do it is this:
> >
> > - A user space interpreter reads text-based config
> > files and converts
> > them into a compact, easy-to-interpret code used by
> > the kernel.
> >
> > - A VERY TINY kernel component is fed the security
> > policy and executes it.
>
> it is exactly the way it is implemented. Not everyone
> need to create their own security model (that VERY
> TINY kernel component you refer to). But even for
> those who want to modify or create their own VERY TINY
> kernel component - they don't need to do that in C and
> debug it in th kernel crashing it.
>
> >
> > Move as much of the processing as reasonable into
> > user space. It's
> > absolutely unnecessary to have the parser into the
> > kernel, because
> > parsing of the config files is done only when the
> > ASCII text version
> > changes.
> >
> > It's absolutely unnecessary to have something as
> > complex as LISP to
> > interpret it, when something simple and compact
> > could do just as well.
> >
> > Why do you choose LISP? Don't you want to use a
> > language that sysadmins
> > will actually KNOW?
>
> It was is) the smallest VM I know of.
>
> 99% of sysadmins don't need to create their own
> security models. Security polices are created with web
> interface very close to the way you described. So
> sysadmin don't need to know anything about LISP (to
> use predefined security models).
>
> Serge.
>
>
> __________________________________
> Do you Yahoo!?
> Yahoo! Small Business $15K Web Design Giveaway
> http://promotions.yahoo.com/design_giveaway/
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at http://www.tux.org/lkml/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Andrew Morton: "Re: [patch] v4l: documentation update"
Previous message: Christian Kujau: "Re: 2.6.5-pre* does not boot on my PReP PPC"
In reply to: Sergiy Lozovsky: "Re: kernel stack challenge"
Next in thread: Robin Rosenberg: "Re: kernel stack challenge"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]