IRC channel logs

2023-05-09.log

back to list of logs

<Zarutian_iPad>or just to the OS level of seL4+Genode or CapROS/EROS ?
<ehmry>Gnuxie: because its a lot of work to go all the way down
<Zarutian_iPad>Gnuxie: ^
<Gnuxie>i actually don't know about CHERI but i would assume that's a cop out to add protection to languages that are already unsafe.
<Gnuxie>Yeah, it is a lot of work. So is the Spritely project.
<Zarutian_iPad>Gnuxie: you heard of the term taming? and I am not sure how unsecure the pure part of the lisp variant that goblins uses (whose name rscapes me)
<Zarutian_iPad>guile was the name?
<ehmry>better to go a layer down and make the OS safe rather than worry about implementation languages
<Zarutian_iPad>please note that I write most of the ocap kind of code in Secure EcmaScript these days
<Gnuxie>Zarutian_iPad: yeah guile and scheme are not capability safe on their own
<Gnuxie>Zarutian_iPad: what's taming
<Gnuxie>ehmry: i agree, but then you'd have to ask why you're implementing the OS in an unsafe language
<ehmry>Gnuxie: is your safe language implemented in a safe language?
<Gnuxie>ehmry: if it's meta circular, yes.
<ehmry>and if it's practical to use
<ehmry>and everyone uses it
<Gnuxie>alternatively they can just keep falling down the eternal staircase
<ehmry>I write in unsafe languages all day and no one can stop me
<Zarutian_iPad>Gnuxie: see http://mumble.net/~jar/pubs/secureos/secureos.html for debunk of scheme the language being insecure. Though the default environment that programs run in do provide access to IO directly
<Zarutian_iPad>and on taming see http://erights.org/elib/legacy/taming.html and http://www.erights.org/elib/legacy/index.html
<Zarutian_iPad>This is what the Caja project did rxtensively with js
<Zarutian_iPad> https://en.wikipedia.org/wiki/Caja_project
<Zarutian_iPad>s/rxt/ext/
<Zarutian_iPad>sneek, botsnack.
<sneek>:)
<Zarutian_iPad>ACTION confirms its guile that goblins uses
<Zarutian_iPad>bme links to https://github.com/dckc/awesome-ocap#cpus
<Zarutian_iPad>Gnuxie: was there something else ocap related I can drown you in references for? ;-)
<Zarutian_iPad>ehmry: was this too mean of me? (The link-blitz that is.)
<Gnuxie>Zarutian_iPad: not yet, i'll trust you for now but not feeling confident about taming. The taming security review you linked literally says that the darpabrowser was not secure
<ehmry>links are good
<Zarutian_iPad>yeah it is so much bloody work. Better to start with an os like KeyKos or its ilk
<Zarutian_iPad>litterally often boiling the C is you excuse the pun
<Zarutian_iPad>s/is/if/
<ehmry>i get cranky about safety because I'd rather trust readable code in an unsafe language than safe but indecipherable ultra-C++++
<Zarutian_iPad>ehmry: ya consider well factored forth code in the former or latter category?
<ehmry>I haven't read enough forth to say. I watched a forth live coding demo last week and I didn't really follow
<Zarutian_iPad>I am only half trolling. But if you are curious check out https://pfe.sourceforge.net/4thtutor/4thtutor.htm
<isd>Does goblins document somewhere what scheme values can be passed through ocapn/captp, and what happens if you pass something else?
<banna>.o/
<Parnikkapore_m>why is civo freaking dul in this channel
<pinoaffe>Parnikkapore_m: why wouldn't he be?
<sneek>Welcome back Zarutian_iPad :D