summaryrefslogtreecommitdiff
path: root/open_issues/translators_set_up_by_untrusted_users.mdwn
diff options
context:
space:
mode:
Diffstat (limited to 'open_issues/translators_set_up_by_untrusted_users.mdwn')
-rw-r--r--open_issues/translators_set_up_by_untrusted_users.mdwn21
1 files changed, 21 insertions, 0 deletions
diff --git a/open_issues/translators_set_up_by_untrusted_users.mdwn b/open_issues/translators_set_up_by_untrusted_users.mdwn
index 36fe5438..97f48bba 100644
--- a/open_issues/translators_set_up_by_untrusted_users.mdwn
+++ b/open_issues/translators_set_up_by_untrusted_users.mdwn
@@ -324,3 +324,24 @@ do bear some similarity with the issue we're discussing here.
<youpi> it should be one's normal right to change the view one has of it
<antrik> we discussed that once actually I believe...
<antrik> err... private namespaces I mean
+
+IRC, freenode, #hurd, 2011-09-10:
+
+ <cjuner_> I am rereading Neal Walfield's and Marcus Brinkman's critique of
+ the hurd on mach. One of the arguments is that a file system may be
+ malicious (by DoS its clients with infinitely deep directory
+ hierarchies). Is there an answer to that that does not require programs
+ to be programmed defensively against such possibilities?
+
+IRC, freenode, #hurd, 2011-09-14:
+
+ <antrik> cjuner: regarding malicious filesystems: the answer is to do
+ exactly the same as FUSE on Linux: don't follow translators set up by
+ untrusted users by default
+ <cjuner> antrik, but are legacy programs somehow protected? What about
+ executing `find`? Or is GNU's find somehow protected from that?
+ <antrik> cjuner: I'm talking about a global policy
+ <cjuner> antrik, and who would implement that policy?
+ <antrik> cjuner: either glibc or the parent translators
+
+Continued discussion about [[resource_management_problems/pagers]].