Re: secure computing for 2.6.7

From: Andrea Arcangeli
Date: Tue Oct 12 2004 - 12:56:59 EST

Next message: bert hubert: "Re: 2.6.9-rc4 USB storage problems"
Previous message: Jeff Garzik: "Re: [PATCH] QStor SATA/RAID driver for 2.6.9-rc3"
In reply to: Rik van Riel: "Re: secure computing for 2.6.7"
Next in thread: Rik van Riel: "Re: secure computing for 2.6.7"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Oct 12, 2004 at 12:28:48PM -0400, Rik van Riel wrote:
> Looks like it should work, though really only for the
> purposes of cpushare and nothing else.

in the short term I sure agree, and in my humble opinion this is true
for trusted computing too.

However as said boinc and seti would better start using it too.

And people could start using it for other things too every time they
deal with untrusted data or bytecode. The parsing untrusted data case is
especially easy since it won't even require the seccom-loader (since the
executable is trusted before it starts managing the untrusted data
coming from the network). For example you can parse the jpeg into a
seccomp mode task, that gets the jpeg in input of the pipe and it throws
the uncompressed bitmap in output ready to be written in the
framebuffer. Basically every decompression scheme can run in a task
running in seccomp mode and for most usages the only risk is to see or
listen to garbage, but no exploit once the raw data is pushed into the
hardware as "raw data".
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: bert hubert: "Re: 2.6.9-rc4 USB storage problems"
Previous message: Jeff Garzik: "Re: [PATCH] QStor SATA/RAID driver for 2.6.9-rc3"
In reply to: Rik van Riel: "Re: secure computing for 2.6.7"
Next in thread: Rik van Riel: "Re: secure computing for 2.6.7"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]