[DGD] Kernerl security without guest programmers
Felix A. Croes
felix at dworkin.nl
Tue Jan 31 11:17:48 CET 2017
Gary <gary at mups.co.uk> wrote:
> As I make glacial progress on my mudlib I keep coming back to how I'm
> attempting to stick to the kernel security model and questioning if i
> really need to be so rigid.
The kernel library provides creator/owner-based security, using it to
restrict file access and some potentially dangerous functionality. It
is not quite clear to me whether you are talking about dismantling this
system, or about following the example set by the kernel library for
your own code.
To answer your question in general terms, any rule can be broken if there
is a good enough reason for it. If sticking to a security model is
preventing you from making progress towards releasing a mudlib, releasing
an insecure mudlib may be better than not releasing anything at all. Do
realize, however, that later securing insecure code is notoriously
difficult.
Changing the security fundamentals of the kernel library itself is not
off-limits. The code was released into the public domain for the express
purpose of allowing integration into arbitrary mudlibs.
Regards,
Felix Croes
More information about the DGD
mailing list