> Time for the politicians and
> lawyer on this list to think about this and warm up their MUAs.
Well, I'm not either, but here is an idea I had a little while back. I
call it ActiveWhy for want of a better name...
At the moment, when you download some code into your browser there are
two possibilities. It might be Java, which is secure (to a greater or
lesser degree) and crossplatform but slow, or it might be ActiveX which
is insecure and proprietary but fast.
An ActiveWhy control, however, is distributed as ANSI C source code and
is automatically compiled by the browser using one of the freely
redistributable C compilers. The resulting object file is then cached
to speed up future accesses to the control. In addition, web site
maintainers may, if they wish, include binaries for one or more
platforms along with the source code. This will obviously make accesses
to the control faster on those platforms while not ruling out the
possibility of running the control on anything else.
This gives us something like ActiveX but portable across platforms. Now
we need security... Firstly it must be understood that unlike ActiveX
and Java controls, ActiveWhy controls will always run in a separate
process context. Under Linux, there will be a kernel module which will
implement a new personality. This personality will deny the control
access to any system calls which might be used to compromise security.
Instead the control must perform all I/O through a pipe linked to the
browser. The browser can then decide (using a scheme like Netscape's
SecurityManager) whether to allow or deny a request.
Under Windows this will not be possible (one of the drawbacks of
proprietary kernels). Instead the control will be compiled to machine
code for a simple yet efficient RISC processor. This code will then be
ActiveWhy controls, IMHO, will be useful in their own right; they
provide a way of using the massive existing base of C code on the web in
a secure way. Just as interesting, though, they provide a powerful
incentive to browse the web through Linux rather than anything else...
Pete Chown, email pc@skygate.co.uk, phone +44 (0) 181 680 8393,
fax +44 (0) 181 680 8474, mobile +44 (0) 468 765 645,
post 58 Foss Avenue, Croydon, CR0 4EU, England
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/