[rc5] V3 Questions and Concerns

Sebastian Kuzminsky kuzminsk at taussky.cs.colorado.edu
Fri Oct 24 14:09:05 EDT 1997


Sebastian Kuzminsky <kuzminsk at cs.colorado> wrote:
]    It's been said before but i'll say it again:  There is no substitute
] for having source code.
] 
] 
]    In most contemporary operating systems, there exist facilities for
] running programs natively in a sandbox.  For example, in Unix i can
] create a special user ('distributed'), and run distributed.net clients
] as that user in a nice'd, chroot'ed, setrusage'ed environment.  The
] client program can still run amok and freak out, but it's not going to
] hurt my system, and i can just step in and kill it.


Chris Arguin <Chris.Arguin at unh.edu> wrote:
] But look at the top three groups from the RC5 effort. MacOS, Linux, and
] OS/2 Warp. People using Linux certainly have the usual Unix compilers and
] security (I know, I run Linux). I can't speak with any certainty about
] MacOS, but I hazard that it doesn't come with a compiler, and I belive it
] is single-user. OS/2 Warp doesn't come with a compiler, and  AFAIK, there
] are no provisions for the necessary level of security.
] 
] Windows 95 falls in the same boat. Windows NT doesn't come with a
] compiler, but at least it has *some* security.


   In some OSes it's simply not possible to protect the system from
malicious binaries.  In some OSes it's not possible to compile binaries
from available source.  If we want the idle cycles of these machines, we
HAVE to provide binaries and the users HAVE to trust us.


   However, we should still take advantage of the protection offered by
the more modern operating systems.  Is this currently being done in the
v2 clients?  There is the niceness config parameter, which is a step in
the right direction.




] Basically what I am getting at is this: While distributing source code is
] a GOOD thing, it won't work for everyone. Too many people have Win95.
] 
] Of course, it could be done two ways. Distributed source for those who
] want it and have the facilities for it, and precompiled, automatically
] downloadable clients for those who don't care. But I find that solution
] somewhat distastful.


   Distributing both source and pre-compiled binaries is a great idea.
It really is the best of both worlds:  Paranoid programmers get to
verify the source for everyone, and the masses get highly trusted
binaries.




   On a related note, has anyone made Debian or Red Hat packages for the
Linux client?  If done right, this could help recruit lots of cycles.




Sebastian

----
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.



More information about the rc5 mailing list