[rc5] distributed.net: a Generalised Compute Resource?

David Sowder davids at cosmic.swau.edu
Fri Jun 20 15:20:28 EDT 1997


On 20 Jun 1997, Michael Graff wrote:
> "Matt J. Gumbley" <csa49 at keele.ac.uk> writes:
> > >This seems to be a hot topic. Read the FAQ. The version 3 clients will allow
> > >us to dynamicly send out new modules for new projects. I'm implementing a
> > >small part of one of my OS protocols to do this. Hopefully by the time we
> > >crack RC5 these new clients should be available and we will be able to "hot
> > >swap" over to the mersenne prime work. From there the possibilities are very
> > >interesting. The goal however is to keep distributed.net together, building
> > >a faster and faster virtual machine working on interesting challenges. We
> > >passed an estimated Tera-operations per second several weeks ago, with the
> > >addition of the DES folks we should hit 5Tops/sec relatively soon.
> > 
> > The idea of a "generalised compute resource" is very interesting: that the
> > machines we currently use give up some cycles to *whatever job we throw at
> > them*.
> 
> You _must_ be kidding!  You're suggesting that I open my machine up
> so wide that anyone who can break your security protocols can run
> any program on my machine?
> 
> That is insane.  If (and only if) it were voluntary to add specific
> modules, I might participate.  However, what you are suggesting is a
> security nightmare.
> 
> I have some thoughts on the techinical details of how to do a system like
> this, but the important thing is that the admin of the site _must_ have
> control over what modules can run on a box.
> 
> And remember that some sites insist on source code.  I do, for instance.

Source code is good and I always look at it if it's available, but if run
as an unpriviledged user on a machine who's operating system is setup
correctly, you aren't opening machine up to any kind of security problems.
If you were opening up your machine by running it as such a user, you have
larger problems than untrusted code.

The only cast where untrusted code can never be run is when you running a
platform like Windows 95 that wants to make people think it is a "real"
operating system when it isn't.  Platforms like Win95 don't have the
required concept of user privileges, nor does the filesystem have any
concept of restricted access.

Running untrusted code on a properly configured Unix or VMS machine
shouldn't be a problem.

(Of course, there's always the nagging mental question:  Is my Unix or VMS
machine properly configured?)

--
David R. Sowder           sowderd at swau.edu                  davids at hpnc.com
Assistant Director of Information Services           Chief Network Engineer
Southwestern Adventist University              Hypernet Communications Inc.
http://www.swau.edu/~sowderd/                   http://www.jci.net/~davids/

----
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.



More information about the rc5 mailing list