Saturday, June 12

I knew he was wrong

More about Ephemeral VM Environments and EKR's criticism of same. They are so not sandboxes since EVMEs don't prevent "unsafe" actions (hence crashing the suspected program). Rather, they allow suspects to do their worst and attempt to make the side-effects harmless.

This distinction makes for, I believe, a much simpler user interface, system design and security policy. So I still claim the idea is new and potentially useful.

Update 6/15/04: I saw EKR today and he made several concessions, one amendment, and, finally, a major endorsement of the idea. Summarizing his points:

  • A concession: EVMEs are something that might be quite useful in the Internet Cafe scenario.

  • Another: There are situations similar to the Internet Cafe scenario, such as a guest using your home computer, where EVMEs would be useful.

  • Yet another: EVMEs might be useful to run email attachments in.

  • The amendment: This idea isn't Sandboxing, really. This is Jailing, which is a different term of art.

  • The endorsement: he thought of this himself a year ago.

If you know EKR, you realize that the last is an endorsement indeed.

