Linked by Andrew Youll on Tue 19th Jul 2005 15:57 UTC
Original OSNews Interviews PC-BSD 0.7.8 has been released and I also recently conducted an interview with PC-BSD Project leader Kris Moore.
Permalink for comment 6437
To read all comments associated with this story, please click here.
Security versus usability
by DonQ on Tue 19th Jul 2005 21:05 UTC
Member since:

Comments above prove yet another time - security and usabilty are mutually exclusive.

Well, before you start flaming, take a break. Maybe these things are not mutually exclusive, after all.

Assume that usability of encapsulated apps is near perfect (simple install/uninstall, no dependency problems). What about security?

OS base system security doesn't depend on apps/packages at all.

Having encapsulated apps on system, application security model is simpler than in usual case - you can focus on securing single applications (by upgrading these or their components/libraries). You don't need to worry about breaking system or dependencies or other apps - they are isolated anyway. IMHO this is positive both for security and productivity. Of course app maintainer needs to watch for libraries problems - but it's needed anyway.

Only big problem seems appear with widely used libs like zlib - if someting breaks in such libs, almost all apps need to be updated. Fortunately such libs tend to have very stable interface and mature code (otherwise they wouldn't be used so extensively), thereby it isn't so hard create simple upgrades for all encapsulated apps (or entire package system).
Of course such "mass upgradeabilty" has to be designed properly and its possibility needs to be included into base package system. As far as I can understand, PC-BSD makers will include something similar into their package system anyway; they just have not finished it yet:)

Comparing to ports system, such mass upgrade of packaged apps is not any worse - all apps are upgraded, no apps will break, time to upgrade is about same.

Reply Score: 1