- From: Alvin Starr <alvin@eyepoint.com>
- Date: Wed, 8 Mar 1995 09:46:12 -0500
- To: riddle@is.rice.edu (Prentiss Riddle)
- Cc: www-talk@www10.w3.org
> Good point. Although I would like to be able to provide many classes > of services to people (or their agents) to whom I would never grant, > say, a Unix shell account. I agree. One of the problems with UNIX as it exists is that there is little reasonable control over access to data and programs. I would like to see a system that supports both Access Control Lists and Integrity Control Lists. Systems should also include a set of tools to manage and monitor the security of a system. Currently I know of no tools that can effectively manage systems in a way that the tools can be used by someone with less than a "GURU" standing. > A separate issue, but one we should consider as well, is that an > "intelligent" agent might be unintelligent enough to make certain > mistakes that a human would never make. I'm thinking of things like > getting into an infinite loop and issuing the same query a million > times (poorly programmed WWW robots are a current example of this). > The kinds of software pathology they've been worrying about for years > in the RISKS Digest all apply to intelligent agents, and both the > designers of agents and the designers of services that agents interact > with need to be aware of them. For this reason, it might be that I > would be willing to grant a human more access than I would grant his or > her robotic agent. You may be able to make a system idiot proof but it can never be made fool proof. Because fools are so ingenious;) It should be possible handle resource allocation and monitoring on a level that has a finer grain then the "user". For example why not limit the number of CPU cycles that can be spent running a program on an individual program basis, or why not continue that to be able to limit resource usage based on the data file being accessed. User,Group,Others along with Read,Write,Execute is not near enough control to be able to allow people reasonable access to systems in a secure and managed way. I would like to see a scheme similar to OS/2's Extended Attributes where a system can store arbitrary information associated with a file. EA's in OS/2 are not the answer as they stand now, but they are a good idea. <rant mode on> At some point in the future it may be that we will have operating systems that are capable of supporting the kind of features necessary to support agents and use by the public in general. But to get there we will have to abandon the current 20 year old software design philosophy. When UNIX was first developed operating systems of the day were written in assembler. 20 years later C has replaced assemble, and for C++ just think of a macro assembler. With the newer languages and tools available why are we now using the 90's moral equivalent of assembler? <rant mode off> -- Alvin Starr || voice: (905)513-6717 Eyepoint Inc. || fax: (905)513-6718 alvin@eyepoint.com ||
Received on Wednesday, 8 March 1995 09:54:18 UTC