Removing ACLs from files does not neccessarily
mean that MAC labels should also be removed from
files? They are two different beasts - I'm not
sure why you mentioned them in the same context.
Regardless of whether the ACLs and MAC labels
are stored with the file or seperately, the
file system will still require some modification.
The NSA are proposing are different MAC
scheme to the traditional orange book,
based on various research projects and
experience. I haven't yet installed it
but I am very interested in just what
the differences are.
I think that any concern about NSA adding
MAC to the linux kernel is almost certainly
misfounded, as long as they can make it an
optional module.
You describe C++ as a multi-paradigm language and this is certainly well supported by Coplien's recent book. I do not see Java as a significant progression in terms of computer languages, so what do you see as the next paradigm shift/evolutionary step for computer languages?
Is a truly open virtual platform the next step, or is there an area of syntactic sugar that we have yet to discover and explore?
I think that the clayton internet censorship laws have absolutely nothing to do with it.
It is purely money: + earn 3 times what you earn now + pay less tax - higher living costs + many more oppurtunities + stock options = at least 2 times more than what you earn now
So why am I still here? I would much rather bring up my children he in Oz than anywhere else.
Firstly if you are serious about monitoring performance, forget SNMP.
The best tool that I have ever seen is Performance Co-Pilot on SGIs. They recently demo'd this product at a Linux expo running on an SGI Visual Workstation running Linux and I believe they are heading towards open sourcing it (along with a lot of other SGI stuff).
See http://www.sgi.com/software/co-pilot
I have recently written my own tool for DEC Alphas, but it is primative compared to SGI's tool. Monitoring multiple hosts simultaneously in real-time on the same chart/3D visualisation is non-trivial.
My impression is that there is a good oppurtunity to add some good instrumentation to Linux using a consistent interface, someone has just got to do it. The other UNIXes suffer from insufficient instrumentation and a lack of public interfaces to get at the information.
Slashdot Mirror
Removing ACLs from files does not neccessarily
mean that MAC labels should also be removed from
files? They are two different beasts - I'm not
sure why you mentioned them in the same context.
Regardless of whether the ACLs and MAC labels
are stored with the file or seperately, the
file system will still require some modification.
The NSA are proposing are different MAC
scheme to the traditional orange book,
based on various research projects and
experience. I haven't yet installed it
but I am very interested in just what
the differences are.
I think that any concern about NSA adding
MAC to the linux kernel is almost certainly
misfounded, as long as they can make it an
optional module.
Trusted IRIX is standard IRIX with some extensions, many of which are gaurded with:
if
ie. An IRIX kernel already has much of the code to do this, its just not executed unless you install some extra stuff on the system.
You describe C++ as a multi-paradigm language and this is certainly well supported by Coplien's recent book. I do not see Java as a significant progression in terms of computer languages, so what do you see as the next paradigm shift/evolutionary step for computer languages?
Is a truly open virtual platform the next step, or is there an area of syntactic sugar that we have yet to discover and explore?
I think that the clayton internet censorship laws have absolutely nothing to do with it.
It is purely money:
+ earn 3 times what you earn now
+ pay less tax
- higher living costs
+ many more oppurtunities
+ stock options
= at least 2 times more than what you earn now
So why am I still here? I would much rather bring up my children he in Oz than anywhere else.
Firstly if you are serious about monitoring performance, forget SNMP.
The best tool that I have ever seen is Performance Co-Pilot on SGIs. They recently demo'd this product at a Linux expo running on an SGI Visual Workstation running Linux and I believe they are heading towards open sourcing it (along with a lot of other SGI stuff).
See http://www.sgi.com/software/co-pilot
I have recently written my own tool for DEC Alphas, but it is primative compared to SGI's tool. Monitoring multiple hosts simultaneously in real-time on the same chart/3D visualisation is non-trivial.
My impression is that there is a good oppurtunity to add some good instrumentation to Linux using a consistent interface, someone has just got to do it. The other UNIXes suffer from insufficient instrumentation and a lack of public interfaces to get at the information.