Deploying QNX on the desktop

John Nagle

Re: Deploying QNX on the desktop

Post by John Nagle » Mon Jul 26, 2004 7:31 pm

Dean Douthat wrote:
The security question with QNX is, IMHO, almost identical with the security
question of Linux (and BSD). Security attacks are not generally aimed at
kernel, process manager, file system, and the like, in short, the primitive
elements of the OS. Rather they are aimed for the most part at the IP stack
and applications such as Apache for servers and browsers, mail clients, etc.
for clients. In these areas, QNX has not been subjected to the same level of
scrutiny as Linux (or BSD), rather, it has been subjected to the exact same
QNX is not that secure, but has much more potential as a high
security system than Linux does, because it's much more partitioned.

If I had the time, I'd approach In-Q-Tel about getting VC funding
for a secure version of QNX. Divert all the connection opens to
a security monitor process that can veto any connect, and impose
a mandatory security policy. Break up Firefox into pieces that
run each page renderer in its own jail. Break up io-net into
pieces that run at different levels, with each connection running
its own unprivileged TCP process. Minimize the amount of code running
with privileges to the point that it can all be examined.

John Nagle
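The connect-veto security monitor sketched in the post, as an added example written for this page (a Python model, not QNX code and not from the post or its author): every unprivileged worker asks the monitor before opening a connection, the monitor applies a default-deny mandatory policy, and every verdict is recorded so vetoes can be audited. The subject labels, hostnames and port rules are constructed assumptions.

```python
"""Model of a connect-veto security monitor with a mandatory policy.

Unprivileged workers (a per-page renderer jail, a per-connection TCP
process, a mail client) ask the monitor before connect(); the monitor
decides from a default-deny policy and logs every request.  Illustrative
model only: subject labels, hosts and port rules are constructed.
"""
from dataclasses import dataclass, field

WEB_PORTS = frozenset({80, 443})
MAIL_PORTS = frozenset({993, 587})


@dataclass(frozen=True)
class Subject:
    kind: str     # "renderer" (one jail per page origin) or "mail"
    origin: str   # the jail's identity: page origin, or the account's mail host


@dataclass
class ConnectMonitor:
    # explicit grants on top of the built-in rules: Subject -> {(host, port)}
    extra_allow: dict = field(default_factory=dict)
    # (allowed, kind, origin, host, port) for every request, vetoes included
    audit: list = field(default_factory=list)

    def _policy(self, subj, host, port):
        if subj.kind == "renderer":
            # A renderer jailed for origin X may reach X or a subdomain of X on
            # web ports.  The leading dot matters: "notexample.com" must not
            # pass a bare suffix check for "example.com".
            same_site = host == subj.origin or host.endswith("." + subj.origin)
            return same_site and port in WEB_PORTS
        if subj.kind == "mail":
            return host == subj.origin and port in MAIL_PORTS
        return False  # unknown subjects get nothing: default deny

    def request_connect(self, subj, host, port):
        """Called by a worker before connect(); returns the monitor's verdict."""
        allowed = self._policy(subj, host, port) or \
            (host, port) in self.extra_allow.get(subj, set())
        self.audit.append((allowed, subj.kind, subj.origin, host, port))
        return allowed

    def vetoes(self):
        """Denied requests, the part an operator would review."""
        return [entry for entry in self.audit if not entry[0]]
```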

