relaunchd: a portable clone of launchd

Hubbard Jordan jkh at ixsystems.com
Thu Jan 14 17:00:42 UTC 2016 

> On Jan 14, 2016, at 5:40 AM, Mark Heily <mark at heily.com> wrote:
> 
> 
> Do you have any specific examples of how an "extensible security
> trailer" would be used?

securityd in OS X and how it’s part of the cryptographically signed binary authentication mechanism (where only executables with specific signatures can talk to other trusted services).  You have to have an un-spoofable and controllable startup process without race conditions in the filesystem to do that kind of trusted IPC in a way that’s “unbreakable enough” to base the rest of your security architecture on it.

Again, I cannot give you direct experience with one of the oldest and most widely deployed Mach IPC-based technologies in the world today, that’s something you have to get for yourself.

> Even better, can you demonstrate that Mach is
> the only way to implement this concept?

Of course it’s not the *only* way (one could arguably just redesign something very similar to Mach but not Mach) but again, Mach IPC already exists.  Today.  It’s been tested and vetted for years.  Any new solution would have to go through the same process, and I certainly don’t see the win (or wisdom) of doing something like that.

> I'm disappointed that you would resort to this level of ad-hominem
> attack.

If you think that was an ad-hominem attack, you clearly have never actually experienced one. :)  I made no comments whatsoever about your character, as an ad-hominem attack would require, but specifically said that your arguments went to such lengths to dismiss Mach IPC as a technology that it was like arguing with someone with such a strong bias for some other technology (my analogy being programming languages) that arguing was pointless, and I stand by that assertion since it so very clearly is that, pointless.

You are absolutely *determined* to rewrite things that already exist, and that’s not “an ad-hominem attack” but a simple observation of the facts, Mark!  I’ve been telling you that for some time, and your answers have always consistently added up to “but I don’t like those technologies, so I’m going to do my own!” and that’s FINE, it’s absolutely something you are totally free to do, but when you go further and try to paint your highly subjective preferences as somehow objectively “better”, I get annoyed because unlike you, I can objectively point to a multi-year track record for the technologies I’m championing and also make the rather unassailable observation they already exist and have had their security attack surfaces vetted by literally a cast of thousands, if not millions.  Those are objective truths, not subjective opinion.

You’re not changing my mind and I’m obviously not changing yours, however, so I think there would be nothing “ad-hominem” about stating that this discussion in Hackers has probably ceased to be interesting or enlightening to anyone, though perhaps we’ve sold some popcorn.

- Jordan

More information about the freebsd-hackers mailing list