From: Michael Concannon <mike@concannon.net>
To: Luke Kenneth Casson Leighton <lkcl@lkcl.net>
Cc: Chase Venters <chase.venters@clientec.com>,
Marc Perkel <marc@perkel.com>,
linux-kernel@vger.kernel.org
Subject: Re: what's next for the linux kernel?
Date: Thu, 06 Oct 2005 16:13:15 -0400 [thread overview]
Message-ID: <4345855B.3@concannon.net> (raw)
In-Reply-To: <20051006192857.GV10538@lkcl.net>
Luke Kenneth Casson Leighton wrote:
>On Thu, Oct 06, 2005 at 11:10:55AM -0400, Michael Concannon wrote:
>
>
>
>>All good points, but perhaps the most compelling to me is that virtually
>>every successful windows virus out there does its real damage by
>>modifying the registry to replace key actions, associate bad actions
>>with good ones and just generally screw the system up...
>>
>>
>
> the damage is done because "admin" rights are forced out of the control
> of the users and sysadmins and into the hands of the dumb-ass app
> writers, for both the setup stage and then the actual day-to-day
> usage of the app!
>
> the registry on NT has ACLs - which are completely irrelevant as far as
> users running as admin are concerned (because the dumb-ass app writers
> force them to).
>
> the nt registry - imagine it to be .... _like_ a filesystem, or _like_
> an LDAP server.
>
> except with proper ACLs and access controls [which everyone bypasses
> because duh it's windows duh, not because it's impossible to do a decent
> job with the API and its implementation].
>
>
No question that one could limit the damage with various tweaks to
permissions and access controls, but it is the very centralization of
information with such vastly disparate purposes (into a single file)
that is the flaw here...
You can view it, think about it and talk about it as a "file-system" and
that is fine.. much like /proc or sysfs, but when the system crashes:
1. It _is_ a file: registry.dat
2. It is a binary file at that...
3. That file has become a dumping ground for everything that every app
thinks is "important" and of course every app writer thinks everything
they write is the most important thing ever - I am sure a have never
done such a thing :-)
I guess you could argue that #3 is the fault of the app writers and not
the architecture, but clearly the current state is the result of those
app writers traveling the path of least resistance, so viewed as a whole
the architecture is to blame regardless... While it may be wrong for
people to steal money left on a table out in front of the bank, the bank
should have known that this would result and put the money inside...
#2 is an issue because of the complexity of the system which must be
function to perform the most basic functions of system recovery...
If you can boot a floppy/pendrive/cd and mount it with vi then it is a
disk in need of service...
If you cannot, it is a brick in need of re-installation...
I have booted linux a number of times with an NT drive as a slave and
recovered it. I have not ever done the inverse...
I hate vi with a passion, more often than not, I have to hit :q! a few
times before I remember what I have to type, but the fact is, it works
when nothing else does and it has saved a lot of systems for me...
#2 is also an issue of security because with very simple and reliable
tools, one can track and monitor changes to key files, one can impose
any level of security with any level of granularity (perhaps too many
grains with SELinux, but that is your choice). Before there was
tripwire, there were lots of people who wrote basically the same thing
in plain simple shell/perl scripts and it worked...
#2 is also an issue of backup and restoration... If it is a
file-system, it does not provide any useful methods of incremental
backup and restoration...
There is no equivalent of:
cd etc/xinet.d ; cvs update -A
/etc _is_ a filesystem with all the benefits that come with it...
/tmp is also a great file-system and a much better place to cache all
that "important" application specific temporary data... If they want to
save state, there is:
/etc/<appname>.conf for site-wide setups
~/.<appname> for user-specific state...
I was trying to stay out this thread - clearly I failed :-) No value
judgement intended for any of the comments made, this thread is a like a
car accident on a busy highway... everyone knows they are slowing
things down by looking, but they cannot look away...
/mike
> l.
>
>
>
next prev parent reply other threads:[~2005-10-06 20:13 UTC|newest]
Thread overview: 241+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-10-02 20:47 what's next for the linux kernel? Luke Kenneth Casson Leighton
2005-10-02 21:05 ` Rik van Riel
2005-10-02 23:05 ` Luke Kenneth Casson Leighton
2005-10-02 23:26 ` Rik van Riel
2005-10-03 1:26 ` Luke Kenneth Casson Leighton
2005-10-03 1:53 ` Rik van Riel
2005-10-02 23:37 ` Vadim Lobanov
2005-10-03 0:54 ` Luke Kenneth Casson Leighton
2005-10-03 1:20 ` Vadim Lobanov
2005-10-03 1:47 ` Al Viro
2005-10-03 1:50 ` Vadim Lobanov
2005-10-03 1:53 ` Al Viro
2005-10-03 2:00 ` Luke Kenneth Casson Leighton
2005-10-03 9:34 ` Erik Mouw
2005-10-03 1:53 ` Luke Kenneth Casson Leighton
2005-10-03 2:31 ` Vadim Lobanov
2005-10-02 23:14 ` D. Hazelton
2005-10-03 10:36 ` Giuseppe Bilotta
2005-10-03 21:34 ` Nix
2005-10-03 18:19 ` Lennart Sorensen
2005-10-04 12:53 ` Luke Kenneth Casson Leighton
2005-10-04 13:13 ` linux-os (Dick Johnson)
2005-10-04 13:47 ` Lennart Sorensen
2005-10-04 17:12 ` Bill Davidsen
2005-10-04 16:20 ` Gene Heskett
2005-10-03 2:12 ` Horst von Brand
2005-10-03 16:32 ` Valdis.Kletnieks
2005-10-03 19:02 ` Luke Kenneth Casson Leighton
2005-10-03 2:55 ` Valdis.Kletnieks
2005-10-03 3:25 ` Rik van Riel
2005-10-03 19:13 ` Alan Cox
2005-10-03 21:22 ` Luke Kenneth Casson Leighton
2005-10-03 5:03 ` Sonny Rao
2005-10-03 21:12 ` Luke Kenneth Casson Leighton
2005-10-03 23:46 ` Sonny Rao
2005-10-03 19:18 ` Alan Cox
2005-10-03 21:07 ` Luke Kenneth Casson Leighton
2005-10-03 22:05 ` Alan Cox
2005-10-04 14:01 ` Andi Kleen
2005-10-04 3:51 ` Valdis.Kletnieks
2005-10-03 0:04 ` Martin J. Bligh
2005-10-03 0:14 ` Randy.Dunlap
2005-10-03 0:44 ` Luke Kenneth Casson Leighton
2005-10-03 7:50 ` Meelis Roos
2005-10-03 18:08 ` Lennart Sorensen
2005-10-03 18:28 ` linux-os (Dick Johnson)
2005-10-03 20:00 ` Jon Masters
2005-10-03 18:56 ` Luke Kenneth Casson Leighton
2005-10-03 1:10 ` Luke Kenneth Casson Leighton
2005-10-03 1:18 ` Rik van Riel
2005-10-03 1:27 ` Chase Venters
2005-10-04 12:59 ` Luke Kenneth Casson Leighton
2005-10-04 15:01 ` Tushar Adeshara
2005-10-04 15:04 ` Nikita Danilov
2005-10-04 15:58 ` Luke Kenneth Casson Leighton
2005-10-04 16:17 ` Luke Kenneth Casson Leighton
2005-10-04 17:15 ` Nikita Danilov
2005-10-04 17:23 ` Luke Kenneth Casson Leighton
2005-10-04 17:40 ` Nikita Danilov
2005-10-04 17:30 ` Rik van Riel
2005-10-06 0:07 ` Luke Kenneth Casson Leighton
2005-10-06 9:56 ` David Weinehall
2005-10-06 17:23 ` Rik van Riel
2005-10-06 19:22 ` Luke Kenneth Casson Leighton
2005-10-07 0:38 ` Luke Kenneth Casson Leighton
2005-10-07 1:10 ` Al Viro
2005-10-07 0:40 ` Luke Kenneth Casson Leighton
2005-10-03 17:56 ` Joe Bob Spamtest
[not found] ` <20051003185804.GB8548@lkcl.net>
[not found] ` <43418834.6070400@spamtest.viacore.net>
2005-10-03 20:30 ` Luke Kenneth Casson Leighton
2005-10-02 22:49 ` Christoph Hellwig
2005-10-02 23:24 ` Luke Kenneth Casson Leighton
2005-10-03 4:04 ` Willy Tarreau
2005-10-03 0:38 ` Kurt Wall
2005-10-03 0:36 ` Kurt Wall
2005-10-03 0:43 ` David Leimbach
2005-10-03 5:45 ` Nick Piggin
2005-10-03 14:20 ` Jon Masters
2005-10-03 16:00 ` Miklos Szeredi
2005-10-03 19:12 ` Luke Kenneth Casson Leighton
2005-10-03 19:31 ` Miklos Szeredi
2005-10-03 20:22 ` Luke Kenneth Casson Leighton
2005-10-03 21:55 ` Jon Masters
2005-10-04 1:33 ` Jason Stubbs
2005-10-04 12:22 ` Luke Kenneth Casson Leighton
2005-10-04 19:47 ` Marc Perkel
2005-10-04 21:15 ` Luke Kenneth Casson Leighton
2005-10-04 23:40 ` Chase Venters
2005-10-05 5:35 ` Valdis.Kletnieks
2005-10-05 10:07 ` Luke Kenneth Casson Leighton
2005-10-05 6:54 ` Steven Rostedt
2005-10-05 10:03 ` Luke Kenneth Casson Leighton
2005-10-05 10:26 ` Luke Kenneth Casson Leighton
2005-10-05 11:04 ` Diego Calleja
2005-10-06 19:15 ` Luke Kenneth Casson Leighton
2005-10-06 5:04 ` Chase Venters
2005-10-06 4:27 ` [ANNOUNCE] Wolf Mountain File System [what's next for the linux kernel] jmerkey
2005-10-06 4:32 ` jmerkey
2005-10-06 10:44 ` Luke Kenneth Casson Leighton
2005-10-06 14:24 ` jmerkey
2005-10-06 8:08 ` Valdis.Kletnieks
2005-10-06 14:25 ` jmerkey
2005-10-11 18:18 ` [ANNOUNCE] Wolf Mountain File System Jeff V. Merkey
2005-10-06 15:10 ` what's next for the linux kernel? Michael Concannon
2005-10-06 19:28 ` Luke Kenneth Casson Leighton
2005-10-06 20:13 ` Michael Concannon [this message]
2005-10-06 20:22 ` Michael Concannon
2005-10-06 21:05 ` Luke Kenneth Casson Leighton
2005-10-06 21:20 ` Luke Kenneth Casson Leighton
2005-10-06 21:53 ` Michael Concannon
2005-10-06 22:24 ` Luke Kenneth Casson Leighton
2005-10-06 22:41 ` Michael Concannon
2005-10-06 22:41 ` Michael Concannon
2005-10-07 1:05 ` Howard Chu
2005-10-08 22:27 ` Helge Hafting
2005-10-08 22:42 ` Luke Kenneth Casson Leighton
2005-10-05 0:59 ` Horst von Brand
2005-10-05 1:22 ` D. Hazelton
2005-10-05 5:49 ` Marc Perkel
2005-10-05 6:03 ` Valdis.Kletnieks
2005-10-05 9:24 ` Nikita Danilov
2005-10-05 9:56 ` Luke Kenneth Casson Leighton
2005-10-05 10:30 ` Nikita Danilov
2005-10-05 11:13 ` Luke Kenneth Casson Leighton
2005-10-05 12:17 ` Nikita Danilov
2005-10-05 12:36 ` Luke Kenneth Casson Leighton
2005-10-05 18:47 ` Horst von Brand
2005-10-05 23:03 ` Luke Kenneth Casson Leighton
2005-10-05 21:55 ` jmerkey
2005-10-05 23:36 ` Neil Brown
2005-10-05 22:21 ` jmerkey
2005-10-05 23:42 ` David Leimbach
2005-10-06 3:06 ` Horst von Brand
2005-10-06 10:54 ` Luke Kenneth Casson Leighton
2005-10-06 8:03 ` Valdis.Kletnieks
2005-10-06 9:31 ` Helge Hafting
2005-10-06 14:40 ` Horst von Brand
2005-10-06 18:34 ` Valdis.Kletnieks
2005-10-05 11:16 ` Luke Kenneth Casson Leighton
2005-10-05 13:21 ` Marc Perkel
2005-10-05 13:52 ` Nikita Danilov
2005-10-05 23:53 ` Helge Hafting
2005-10-05 16:36 ` Tim Bird
2005-10-05 13:45 ` D. Hazelton
2005-10-05 10:09 ` Luke Kenneth Casson Leighton
2005-10-05 10:23 ` Valdis.Kletnieks
2005-10-05 11:14 ` Luke Kenneth Casson Leighton
2005-10-05 14:17 ` Nix
2005-10-05 15:54 ` Rik van Riel
2005-10-05 15:58 ` Marc Perkel
2005-10-05 16:15 ` Al Viro
2005-10-05 16:23 ` Marc Perkel
2005-10-05 19:30 ` Lennart Sorensen
2005-10-05 22:48 ` Luke Kenneth Casson Leighton
2005-10-06 10:28 ` Nikita Danilov
2005-10-07 0:59 ` Joe Bob Spamtest
2005-10-07 0:25 ` Joe Bob Spamtest
2005-10-05 20:11 ` Luke Kenneth Casson Leighton
[not found] <4TiWy-4HQ-3@gated-at.bofh.it>
2005-10-02 22:43 ` Robert Hancock
2005-10-02 23:32 ` Gene Heskett
2005-10-02 23:41 ` Vadim Lobanov
2005-10-02 23:48 ` Rik van Riel
2005-10-03 3:50 ` Gene Heskett
2005-10-03 9:39 ` Jesper Juhl
[not found] ` <4U0XH-3Gp-39@gated-at.bofh.it>
2005-10-04 22:04 ` Bodo Eggert
2005-10-05 10:36 ` Luke Kenneth Casson Leighton
2005-10-05 23:12 ` Nix
2005-10-05 23:28 ` Luke Kenneth Casson Leighton
2005-10-05 23:49 ` Nix
2005-10-05 14:34 ` Nix
2005-10-05 14:41 ` Marc Perkel
2005-10-05 14:44 ` Lennart Sorensen
2005-10-05 14:48 ` Marc Perkel
2005-10-05 14:56 ` Lennart Sorensen
2005-10-05 15:08 ` Marc Perkel
2005-10-05 15:26 ` Lennart Sorensen
2005-10-05 19:16 ` Nix
2005-10-05 19:30 ` Marc Perkel
2005-10-05 20:26 ` Nix
2005-10-08 16:49 ` Denis Vlasenko
2005-10-05 19:40 ` Al Viro
2005-10-05 19:49 ` Marc Perkel
2005-10-05 19:55 ` Lennart Sorensen
2005-10-05 20:25 ` linux-os (Dick Johnson)
2005-10-05 20:31 ` Nix
2005-10-05 14:59 ` Nigel Rantor
2005-10-05 16:16 ` Bodo Eggert
2005-10-05 19:37 ` Florin Malita
2005-10-05 19:44 ` Marc Perkel
2005-10-05 19:52 ` Lennart Sorensen
2005-10-05 20:05 ` Marc Perkel
2005-10-05 20:23 ` Lennart Sorensen
2005-10-06 2:56 ` Horst von Brand
2005-10-06 3:50 ` Marc Perkel
2005-10-05 20:21 ` Valdis.Kletnieks
2005-10-05 20:58 ` Dave Neuer
2005-10-05 21:05 ` Bodo Eggert
2005-10-06 6:43 ` Steven Rostedt
2005-10-05 19:54 ` Bernd Petrovitsch
2005-10-07 0:11 ` Joe Bob Spamtest
2005-10-05 14:52 ` linux-os (Dick Johnson)
2005-10-05 14:57 ` Lennart Sorensen
2005-10-05 15:26 ` linux-os (Dick Johnson)
2005-10-05 15:24 ` Luke Kenneth Casson Leighton
2005-10-05 15:30 ` Lennart Sorensen
2005-10-05 15:42 ` Luke Kenneth Casson Leighton
2005-10-05 15:55 ` Lennart Sorensen
2005-10-06 15:41 ` Ragnar Hojland Espinosa
2005-10-05 14:55 ` David Leimbach
2005-10-05 16:25 ` Bodo Eggert
2005-10-05 16:41 ` David Leimbach
2005-10-05 19:21 ` Nix
2005-10-05 23:23 ` Luke Kenneth Casson Leighton
2005-10-06 9:53 ` grundig
2005-10-06 10:45 ` Tomasz Kłoczko
2005-10-06 15:18 ` Greg Norris
2005-10-05 20:27 ` Marc Perkel
2005-10-05 20:41 ` Julian Blake Kongslie
2005-10-05 20:51 ` Bas Westerbaan
2005-10-05 20:57 ` Julian Blake Kongslie
[not found] ` <4Uis4-4pZ-5@gated-at.bofh.it>
2005-10-05 17:43 ` Bodo Eggert
2005-10-05 19:27 ` Nix
2005-10-05 20:04 ` Bodo Eggert
-- strict thread matches above, loose matches on Subject: below --
2005-10-04 4:11 Martin Fouts
[not found] <mail.linux.kernel/20051003203037.GG8548@lkcl.net>
[not found] ` <05Oct4.173802edt.33143@gpu.utcc.utoronto.ca>
2005-10-05 12:07 ` Luke Kenneth Casson Leighton
2005-10-05 12:31 ` Jens Axboe
2005-10-05 13:35 ` Luke Kenneth Casson Leighton
2005-10-05 13:40 ` Jens Axboe
2005-10-05 15:29 ` Luke Kenneth Casson Leighton
2005-10-05 15:51 ` Jens Axboe
2005-10-05 16:38 ` Steven Rostedt
2005-10-05 23:24 ` Luke Kenneth Casson Leighton
2005-10-05 17:01 ` Dave Neuer
[not found] ` <161717d50510050957t2eaa3af0u8c6b3b4d327497a9@mail.gmail.com>
2005-10-05 23:05 ` Luke Kenneth Casson Leighton
[not found] <DE88BDF02F4319469812588C7950A97E9312A6@ussunex1.palmsource.com>
2005-10-06 0:03 ` Luke Kenneth Casson Leighton
2005-10-06 0:14 ` David S. Miller
2005-10-06 1:11 ` Nigel Rantor
2005-10-06 11:10 ` Luke Kenneth Casson Leighton
2005-10-06 15:44 ` Al Viro
2005-10-06 0:51 ` Howard Chu
2005-10-06 3:53 Nikolay N. Ivanov
2005-10-06 23:24 Joe Bob Spamtest
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4345855B.3@concannon.net \
--to=mike@concannon.net \
--cc=chase.venters@clientec.com \
--cc=linux-kernel@vger.kernel.org \
--cc=lkcl@lkcl.net \
--cc=marc@perkel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.