Shaun,

While I've just been skimming this discussion, I felt the need to respond to
one of the points you make:

> While I can see your point here, from the OS's perspective a user doesn't
> need to be protected from themselves.

On the contrary -- process separation is one of the fundamental concepts in
modern operating systems. If you have the misfortune of remembering the DOS 5
/ Windows 3.0 days, you'll appreciate how important this function is. The
need to protect the user from something running with their privileges is also
important for protecting against Trojan horses, such as Outlook-based mail
worms. The easiest way to protect against such attacks is via sandboxing.

While I personally would like to see such sandboxing functionality integrated
directly into operating systems, it can be added via a third-party extension,
such as Janus for Solaris and Linux, or one of the PFW products for Windows.

Terry

use StandardDisclaimer.pm

[ reply ]