Could somebody use SCSH, Sheme, or Lisp to create the "Lispm" architecture.
Franz Kafka
uses Lisp, Scheme, or ScSh to create a Lisp Machine.
One possilbe Lispm is
vlee.sourceforge.net
and there was also talk about an Explorer II emulator.
How hard would it be to turn a Linux box into a Scheme/Lisp machine.
Are there any OS's that are written in Lisp/Scheme?
Could Linux be ported from C into Lisp/Scheme, and would this
constitute a Lispm.
Please help with a Lisp/Scheme based OS.
If one were freely available, and more people started using and liking
it, it could cause a rebirth of the Lisp Machine--just like Linux
caused the
rebirth of UNIX.
The only important thing is to not tie the Lispm to a specific chip,
or Machine like Symbolics, LMI, Xerox, TI, and the Scheme Chip did but
to make it able
to run on all hardware--so that more people could try it out.
Porting Linux into a Lisp/Scheme OS would be a great start.
Tom Lord
Is there any OpenSource OS or Arcitecture that uses Lisp,
Scheme, or ScSh to create a Lisp Machine.
How hard would it be to turn a Linux box into a Scheme/Lisp machine.
If one were freely available, and more people started using
and liking it, it could cause a rebirth of the Lisp
Machine--just like Linux caused the rebirth of UNIX.
It sounds like you are just playing around with ideas, so here are
some toys:
1) Don't bother trying to make a new kernel. Use an existing one.
Otherwise, at _best_, you'll spend a decade fretting over device
drivers and the tcp/ip stack. Anyway, unix kernels are pretty good
-- even as lispm kernels. Unless your goal is OS research -- just
"take" rather than "make" that component.
2) Don't bother trying to make a "pure lisp" system. Otherwise,
at _best_, you'll spend half a decade fretting about replacing X11
and writing a web browser.
3) I think one lispm virtue that could stand to be reborn is the
extreme hackability, and compactness of code. E.g., suppose you're
machine is running a POP3 service and you want to add some weird
feature like, say, server-side autoclassification of incoming
messages into folders. You should be able to fire up an emacs
buffer and start tweaking the server code -- maybe even connecting
to a listener on the running server. The "seemlessness" of that
kind of hackability, compared to, say, grabbing the source RPM,
reading the config instructions, etc.... would be on of my goals if
I were going to work on what you're suggesting.
4) An interesting starting place -- especially appropriate if you're
interested in SCSH: work on replacing the boot scripts of your
system; then on replacing the inetd services. Can you get to a
state where the first invocation of the (traditional) shell is
after you log in? From my personal experience, if you're a pretty
good scheme/lisp hacker, you can get a bootable system (missing a
bunch of services, of course) in a couple of weeks.
5) Another interesting starting place might be to work on replacing
the shell for interactive use.
6) Another lispm virtue (from what little I saw, anyway) was
Emacs-based gui interaction. Read up on Plan9's gui, and on
emacs, and then edwin -- then do something clever.
7) Whence from there? You could dig in to making server functionality
really secure/fast -- you could build out towards making desktop
apps really slick -- lots of options.
-t
TiM
On Tue, 1 Apr 2003, Tom Lord wrote:
> 5) Another interesting starting place might be to work on replacing
> the shell for interactive use.
anyone have any news on this front to report?
so far the best i've seen is the "run scheme in a buffer" command in
emacs, which altho rather cool, is still just a beginning.
TiM
Peter Seibel
> Is there any OpenSource OS or Arcitecture that uses Lisp,
> Scheme, or ScSh to create a Lisp Machine.
>
> How hard would it be to turn a Linux box into a Scheme/Lisp machine.
>
>
> If one were freely available, and more people started using
> and liking it, it could cause a rebirth of the Lisp
> Machine--just like Linux caused the rebirth of UNIX.
>
>
> It sounds like you are just playing around with ideas, so here are
> some toys:
>
>
> 1) Don't bother trying to make a new kernel. Use an existing one.
> Otherwise, at _best_, you'll spend a decade fretting over device
> drivers and the tcp/ip stack. Anyway, unix kernels are pretty good
> -- even as lispm kernels. Unless your goal is OS research -- just
> "take" rather than "make" that component.
Along those lines, you might want to check out the Flux OsKit.
From <http://www.cs.utah.edu/flux/oskit/>:
The OSKit is a framework and a set of 34 component libraries
oriented to operating systems, together with extensive
documentation. By providing in a modular way not only most of the
infrastructure "grunge" needed by an OS, but also many higher-level
components, the OSKit's goal is to lower the barrier to entry to OS
R&D and to lower its costs. The OSKit makes it vastly easier to
create a new OS, port an existing OS to the x86 (or in the future,
to other architectures supported by the OSkit), or enhance an OS to
support a wider range of devices, file system formats, executable
formats, or network services. The OSKit also works well for
constructing OS-related programs, such as boot loaders or OS-level
servers atop a microkernel.
For language researchers and enthusiasts, the OSKit lets them
concentrate on the real issues raised by using advanced languages
inside operating systems, such as Java, Lisp, Scheme, or ML---
instead of spending six months or years groveling inside ugly code
and hardware. With the recent addition of extensive multithreading
and sophisticated scheduling support, the OSKit also provides a
nmodular platform for embedded applications, as well as a novel
component-based approach to constructing entire operating systems.
-Peter
--
Peter Seibel pe...@javamonkey.com
The intellectual level needed for system design is in general
grossly underestimated. I am convinced more than ever that this
type of work is very difficult and that every effort to do it with
other than the best people is doomed to either failure or moderate
success at enormous expense. --Edsger Dijkstra
Alex Shinn
Tom> 1) Don't bother trying to make a new kernel. Use an existing
Tom> one. Otherwise, at _best_, you'll spend a decade fretting
Tom> over device drivers and the tcp/ip stack.
The TCP/IP stack is a one time, simple driver. The problem with other
device drivers is that they become outdated so quickly. I buy a new
digital camera and it doesn't have any support under Linux, the HW
manufacturers won't provide specs, and Linux+C is a terrible platform
for reverse engineering and experimental driver development. It would
be much better to have a nice Lisp/Scheme repl where you can
interactively query the HW and write newer drivers faster. It would be
worth the initial time investment.
Tom> 2) Don't bother trying to make a "pure lisp" system.
Tom> Otherwise, at _best_, you'll spend half a decade fretting
Tom> about replacing X11 and writing a web browser.
X11 is a monster, better not to replace. All functional web browsers
are likewise. GUI's are not difficult, and easy to improve on.
Tom> 4) An interesting starting place -- especially appropriate if
Tom> you're interested in SCSH: work on replacing the boot
Tom> scripts of your system; then on replacing the inetd
Tom> services. Can you get to a state where the first invocation
Tom> of the (traditional) shell is after you log in? From my
Tom> personal experience, if you're a pretty good scheme/lisp
Tom> hacker, you can get a bootable system (missing a bunch of
Tom> services, of course) in a couple of weeks.
Using a C-compiled Lisp/Scheme? If you want to up the ante a few more
years, drop C and write a native compiler. Are there any free Lisp
assemblers out there? I have a Scheme assembler if there's nothing
better, but it's x86-only right now and the ELF linker is primitive and
doesn't handle shared libraries.
--
Alex
Christopher Browne
> Is there any OpenSource OS or Arcitecture that
> uses Lisp, Scheme, or ScSh to create a Lisp Machine.
There's a sizable wasteland of fairly much failed projects; see the
URL below.
There are projects that try to create their own kernel; they tend to
run afoul of the problem of being tied to a /precise/ set of
hardware. They support one CPU, one SCSI card, one graphics card, and
as soon as the winds change, and 3dfx disappears from the market,
the software becomes a curiosity that hardly anyone could have run in
the first place.
The system that gets cited a lot is FluxOS, from U of Utah; they were
able to quickly embed a port of MzScheme atop the OS, which is
interesting. On the other hand, they never got around to letting it
communicate with either networks or persistent filesystems, which
makes it somewhat /less/ than a curiosity.
People in the Lisp world often hate X, and the way Linux and BSDs use
C for their native "APIs," but it would take a LOT of effort to put
enough effort in to equal the efforts going into maintain
compatibility of them with the latest and greatest hardware on
numerous architectures.
--
output = reverse("moc.enworbbc@" "enworbbc")
http://www3.sympatico.ca/cbbrowne/lisposes.html
"We use Linux for all our mission-critical applications. Having the
source code means that we are not held hostage by anyone's support
department." -- Russell Nelson, President of Crynwr Software
Burton Samograd
> Using a C-compiled Lisp/Scheme? If you want to up the ante a few more
> years, drop C and write a native compiler. Are there any free Lisp
> assemblers out there? I have a Scheme assembler if there's nothing
> better, but it's x86-only right now and the ELF linker is primitive and
> doesn't handle shared libraries.
I jsut started playing with the Chicken scheme-to-C compiler and it
looks very promising. It's pretty well documented and offers a good
stepping stone for people (like me) that are experienced C programmers
but can't figure out how to do everything in Lisp/Scheme yet. Combine
that with an online R5RS and scheming gets pretty fun and far less
frustrating (so far, but I haven't done that much substantial work
with it yet). It's quite well documented as well (ie. there's an
actual manual that's usable).
If anybody is interested in using it and is running Gentoo Linux, I
wrote an ebuild that you can use to install and test it out.
--
burton samograd
kru...@hotmail.com
http://kruhftwerk.dydns.org
Henrik Motakef
> Is there any OpenSource OS or Arcitecture that
> uses Lisp, Scheme, or ScSh to create a Lisp Machine.
No. There is/was a mailing list where people interested in a new Lisp
OS gathered, but AFAIK there were no big successes.
See <http://lists.tunes.org/mailman/listinfo/lispos>.
> How hard would it be to turn a Linux box into a Scheme/Lisp machine.
Depends on how you define "Scheme/Lisp machine" (and "Linux box", of
course). Lisp Machines tended to have specialized processors that your
"Linux box" is not likely to have, so you'd have to replace it. If
your Linux box is an Alpha, you can deinstall Linux und use
Genera. You can also use any computer running Linux to run Lisp on top
of it, just not as as OS.
> Are there any OS's that are written in Lisp/Scheme?
Not any that you can get at Sourceforge or your local computer store.
> Could Linux be ported from C into Lisp/Scheme, and would this
> constitute a Lispm.
Linux is nothing but a huge collection of C, C++ and Assembly code. If
you rewrote it in Lisp, it wouldn't be Linux any more. And probably
not a good LispOS either, just translating a C program will result in
poor Lisp style.
> Please help with a Lisp/Scheme based OS.
>
> If one were freely available, and more people started using and liking
> it, it could cause a rebirth of the Lisp Machine
Well, so what? Why do you think having a Lisp Machine is important? I
for one would be more happy if we had a set of really good development
tools and seamless integration with OSes that other people actually
use.
>--just like Linux caused the rebirth of UNIX.
But Unix wasn't dead. Linux probably caused at least as many problems
for the existing Unixes than it solved, maybe a lot more.
Building a Lisp OS that would be all like Genera today probaly would
not be a too bright idea, anyway - not only because you would not be
able to run lots of good existing software on it without good reason
(unless you would implement a POSIX layer, which is probably not fun),
I wouldn't want to connect a machine running a single-user OS focusing
on openness and easy tweakability to todays internet.
IMHO, Operating Systems have become boring in the last years. There
are several "good enough" OSes you can build upon. My advice for
someone trying to build a Lisp OS would be to start with the
user-visible parts, and let other people deal with boot loaders and
device drivers first.
(Not that I would try to stop anyone from building a Lisp OS, it
surely would be cool to have one. I just think there are other, more
interesting things to to.)
Regards
Henrik
Daniel Barlow
> device drivers is that they become outdated so quickly. I buy a new
> digital camera and it doesn't have any support under Linux, the HW
> manufacturers won't provide specs, and Linux+C is a terrible platform
> for reverse engineering and experimental driver development. It would
> be much better to have a nice Lisp/Scheme repl where you can
> interactively query the HW and write newer drivers faster. It would be
> worth the initial time investment.
Although this is a reasonable position as stated, I get the impression
that you think the advantage would be great enough to allow you to
punt all the _other_ drivers you do already have in
Linux/free-unix-of-your-choice. PCI bus and bridges, power
management, ACPI, IDE and SCSI, USB, i2c, exciting long blacklists and
ten years assorted workarounds for specific devices that don't
actually follow specs, networking (ethernet, 802.11, etc), video
cards. Not only do you have to write the drivers, you have to go
through all the same contortions as the free unix people have done to
get contacts at the company, sign NDAs, and the rest of that hassle.
Without the critical mass of something Linux-developer-base-sized, it
sounds like a lot of work. And as you observe, they become out of
date so quickly.
Not having done much of this kind of work, but my suspicion is that
if you want to interactively query the hardware, your first investment
should be in a logic analyser, not a repl.
-dan
--
http://www.cliki.net/ - Link farm for free CL-on-Unix resources
William Bland
> It would be much better to have a nice Lisp/Scheme repl where you
> can interactively query the HW and write newer drivers faster.
> It would be worth the initial time investment.
You might be interested in Schemix (aka SILK = Scheme In the Linux
Kernel). Have a look at:
http://www.abstractnonsense.com/software/schemix.html
for more information.
Best wishes,
Bill.
Joe Marshall
> IMHO, Operating Systems have become boring in the last years. There
> are several "good enough" OSes you can build upon.
What a horrible idea.
Wade Humeniuk
"Franz Kafka" <Symbolics_XL1201...@hotmail.com> wrote in message
news:b3b6b110.03033...@posting.google.com...
> Is there any OpenSource OS or Arcitecture that
> uses Lisp, Scheme, or ScSh to create a Lisp Machine.
>
> One possilbe Lispm is
> vlee.sourceforge.net
>
> and there was also talk about an Explorer II emulator.
>
> How hard would it be to turn a Linux box into a Scheme/Lisp machine.
>
> Are there any OS's that are written in Lisp/Scheme?
>
> Could Linux be ported from C into Lisp/Scheme, and would this
> constitute a Lispm.
>
> Please help with a Lisp/Scheme based OS.
There are already Lispm's around. Just take an IDE like
Lispworks or ACL. They have editors (much like emacs),
listeners (much like xterms), generic interfaces to
file systems, a compiler, a loader (compile, compile-file and load).
They run under xservers or Windows. You can write "shell scripts" to your
hearts content. If you really want to write a lisp device driver, you
can. You could start with with a IDe like these and gradually replace
the underlying OS, web applications, device drivers with code
written in Lisp. Just see Franz's site
as an example.
Wade
Anne & Lynn Wheeler
> The only important thing is to not tie the Lispm to a specific chip,
> or Machine like Symbolics, LMI, Xerox, TI, and the Scheme Chip did
> but to make it able to run on all hardware--so that more people
> could try it out.
>
> Porting Linux into a Lisp/Scheme OS would be a great start.
slight drift regarding mit lisp machine & 801 circa 1979 ...
see last ref at
http://www.garlic.com/~lynn/2003e.html#65 801 (was re: reviving Multics)
appears just before the next posting at:
http://www.garlic.com/~lynn/2003e.html#66 History of project maintenance tools ... what and when
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Matthew Danish
> Using a C-compiled Lisp/Scheme? If you want to up the ante a few more
> years, drop C and write a native compiler.
http://www.cons.org/cmucl/
http://sbcl.sourceforge.net/
http://openmcl.clozure.com/
http://www.franz.com/
http://www.lispworks.com/
http://www.cormanlisp.com/
http://www.scieneer.com/
http://www.digitool.com/
Petter Gustad
> The only important thing is to not tie the Lispm to a specific chip,
> or Machine like Symbolics, LMI, Xerox, TI, and the Scheme Chip did but
> to make it able
> to run on all hardware--so that more people could try it out.
I think it would be cool to implement a Symbolics type CPU in a
FPGA...
Petter
--
________________________________________________________________________
Petter Gustad 8'h2B | ~8'h2B http://www.gustad.com/petter
Franz Kafka
> Well, so what? Why do you think having a Lisp Machine is important?
>
and I found it hard to get a replacement--plus it was getting slow by
current standards.
What I liked about it was:
1.) It never crashed on me. Windows gave me the Blue Screen of Death,
and Linux gave me coredumps--but my Lispm gave me a menu that allowed
me to interactively fix any errors and continue. I never lost
important data because the the OS locked up, or a page fault was
encountered because some lazy programmer at Microsoft forgot to check
the bounds of an array, or forgot to free some memory.
2.) Everything was written in Lisp, from the lowest device driver, to
the file systems, and network protocols--not that I understood
everything. But, I could look at a Lisp reference, or interactivally
test each function to find out how it worked.
3.) Everything was intergrated. The Word Processor/Text Editor,
E-Mailer, GUI-Toolkit, Web Browser. And, I could switch from one to
the other without worrying about wasting system resources, or having
too many apps opened at once. It was like the OS was a large Lisp
Interperter--that seemed to have unlimited virtual memory, and a great
garbage collector.
4.) you did not have to specify what datatypes a function expected.
Each operator knew what datatypes it operated on and how to handle
exceptions. This freed the programmer from having to worry about
making sure data types matched and from having to write fifteen
functions that did the same operation to different datatypes.
5.) The OS was Object Oriented. It was easy to extend a class to add
new functionality to the system.
6.) Each user was on the same OS as a different instance of the class
OS. This means that if one user screwed up the OS--it could be
restored to the default class OS. And also prevented one users
mistakes from affecting other users.
7.) A new instance of the OS could be loaded when the OS was running.
These instances called worlds could be loaded in real time--plus a
user could create a new version of the OS for his own use.
8.) Even the microcode could be written in Lisp.
9.) Security made sure that no code could be loaded from the net
without the sysadmins concent.
10.) The system could be configured to be bootable from the net. So,
sysadms could manage systems from far away.
>
> I wouldn't want to connect a machine running a single-user OS focusing
> on openness and easy tweakability to todays internet.
>
The new system would have to have a layer of security to prevent
people from the net from modifying the system. Linux is an open system
too. But, most users would want a system that's easy to modify. It
would make developing code on the system easier, and would also make
adding new features to the system easier.
As for a single user system--Lisp does not require a system to be
single user. With CLOS or Multithreading, or even Scheme-like
continuations it should be very easy to write a multi-user Lispm.
When network protocols such as TCP/IP, Sockets, Chaosnet, or Ethernet
are added to the Lispm security could be added as well to make sure
that only the sysadm could change the system. And by providing a
function in microcode--that could not be changed--to restore the
system to some default. This one concession should make a Lispm safe
on the Net.
It a GNU Lispm OS were developed--I'm sure people would use it. What
kept people from Lisp based OSes in the past was the high prices and
the speciallized hardware requirements.
But, If we write our own we could make it run on stock hardware
(Intel,AMD,Motorola) everything Linux runs on.
ALSO:
We could make Linux the FEP (Front End Processor) and have the
Lisp OS load on top of Linux.
Any OS could be the FEP. The FEP was used to debug a faulty Lisp OS
hardware error.
The Lispm would need an Editor, a GUI Builder, an E-Mailer, Lisp
Debugger, and other Lisp tools. Any OS could be the FEP even Windows
but I would shy away from Windows.
The only key difference between a Lisp Compiler and a Lisp OS is
support for a file system, a verious development tools.
I'm sure that someone could write Linux code to emulate one of the
older Lispm environments--kind of like OpenGenera...& this would be a
good start to creating a new Lispm.
Franz Kafka
> There are already Lispm's around. Just take an IDE like
> Lispworks or ACL. They have editors (much like emacs),
> listeners (much like xterms), generic interfaces to
> file systems, a compiler, a loader (compile, compile-file and load).
>
That's true.
But, most Lisp Systems cost way too much for a hobbyist or typical
computer user (> $1,000) or even (> $5,000) in most cases.
If companys would release GNU or freeware versions of there
products--I think that the market for the corporate versions would
increase. Because a freeware version would increase the number of base
users. Some would learn to code in LISP and develop new apps. This
would make more firms want to use Lisp with Java (which spread because
SUN released a free version) and C/C++ which is popular because a free
OS uses them.
Symbolics or MIT should release a version of OpenGenera that runs on
Linux.
Franz did a good job but should release a GNU Version of Allegro CL
Gold Hill should release a GNU Version of Gold Works 3
and other LISP companys should follow suit.
Clisp is good.
However, LISP is not as popular as it could be--not because it is very
hard to learn, but because there are no GNU Versions of Commerical
Grade products. I think that once a GNU version is out there--the
company that released it could make money on support, documentation,
and delivery; like RedHat does.
Another thing is to release cheaper versions of Lisp Compilers that
can create a Windows executable. Some programmers I know would love to
switch to LISP but cannot because they cannot justify why thay should
spend in the thousand dollar range--when they can get Visual Basic,
and Visual C++ for way under a thousand and sometimes way under a
hundred. (The managers told those programmers that they could buy a
Lisp compiler if it conformed to the ANSI standard, and came with some
GUI builder such as CLIM, or a VB type interface--they could not find
such a system.)
If a company released such a version it would make LISP more popular,
and if a old Lisp Machine company such as: TI, Symbolics, Xerox (which
did, Melady, I think), LMI, or even MIT released a freeware version of
their Lisp environment which ran either on Linux, or Windows, or
better yet both it would rekindle the need, and want for LISP based
OSes. (Users want OSes they can customize, and programmers would find
an open source OS easier to extend when new features are desired.)
The ultimate would be a Lisp OS that ran as a Java applet, or better
yet make a Lisp OS that is web based like Java so that people from
verious computers can log on to one central server. The server should
be protected so that only the client can make chages to itself--to
eliminate any security problems.
Alex Shinn
Daniel> Not having done much of this kind of work, but my suspicion
Daniel> is that if you want to interactively query the hardware,
Daniel> your first investment should be in a logic analyser, not a
Daniel> repl.
Not just interactively query the hardware, interactively write the
driver. So you could query the driver, write a driver function, test
it, and make changes and redefine the driver functions as needed. It
seems worth it to sacrifice support for older hardware if you could add
support for newer hardware more easily.
--
Alex
Henrik Motakef
> Symbolics or MIT should release a version of OpenGenera that runs on
> Linux. Franz [...] should release a GNU Version of Allegro CL [...]
> The ultimate would be a Lisp OS that ran as a Java applet,
Way to obvious. Try something more subtle next year.
Regards
Henrik
Christopher C. Stacy
Anne> slight drift regarding mit lisp machine & 801 circa 1979 ...
That story is pretty garbled. The early people on the Lisp Machine
project were certainly aware of the 801 due to assorted connections
with people at Yorktown, but they did not consider creating the Lisp
Machine by using the IBM processor. (The Lisp Machine was invented
more than 3 years before the time you're citing, there, by the way.)
Christopher C. Stacy
Petter> Symbolics_XL1201...@hotmail.com (Franz Kafka) writes:
>> The only important thing is to not tie the Lispm to a specific chip,
>> or Machine like Symbolics, LMI, Xerox, TI, and the Scheme Chip did but
>> to make it able
>> to run on all hardware--so that more people could try it out.
Petter> I think it would be cool to implement a Symbolics type CPU in a
Petter> FPGA...
Isn't that called the "G-Machine" circa 1986?
Anne & Lynn Wheeler
cst...@dtpq.com (Christopher C. Stacy) writes:
> That story is pretty garbled. The early people on the Lisp Machine
> project were certainly aware of the 801 due to assorted connections
> with people at Yorktown, but they did not consider creating the Lisp
> Machine by using the IBM processor. (The Lisp Machine was invented
> more than 3 years before the time you're citing, there, by the way.)
that was just a copy of email to me ... sent on the date indicated; it
didn't actually give a date as to the request to Evans. i would have
expected the actual date of the request to Evans would have been at
least a couple years earlier given the 8100 reference. The first 801
presentation I attended was spring of '76 (... which would correspond
to your reference).
Joe Marshall
> Symbolics or MIT should release a version of OpenGenera that runs on
> Linux.
>
> Franz did a good job but should release a GNU Version of Allegro CL
>
> Gold Hill should release a GNU Version of Gold Works 3
>
> and other LISP companys should follow suit.
Someone should give me enough money to pay my mortgage so I can spend
my spare time writing a Lisp Machine emulator.
Franz Kafka
> > Symbolics or MIT should release a version of OpenGenera that runs on
> > Linux. Franz [...] should release a GNU Version of Allegro CL [...]
> > The ultimate would be a Lisp OS that ran as a Java applet,
>
> Way to obvious. Try something more subtle next year.
>
We need to be obvious because if people just hint at it. it might take
too long to get done. Genera is over 10 years old. Nobody uses it
anymore--not counting serious LISP hobbyists who use old Symbolics
hardware. (But, the Lispm companys either dropped Lisp or filed for
bankrupcy.)
A GNU version of a program like Genera will allow a new group of Lisp
hackers to see why Lisp is such a good language.
Since, freeware was invented by a person at MIT with EMACS and
X-WINDOWS, they could hopefully make a freeware version of a Lisp OS
like Genera--I'm assuming that MIT still has Lisp hackers who would
love to create a Lisp or Scheme based OS.
Look, they already build the LM-1 a Lisp Machine, and a CPU that
executes Scheme code. I'm sure that some Lisp/Scheme hackers over at
MIT, or in this newsgroup worked on such projects and would love to
help create a Lisp OS that runs as a Linux/Windows application.
The Lisp would need to handle filesystems, calling devices, I/O,
graphics, garbage collection in a standard way--but they could form a
layer that calls the Linux/Windows kernal, so that the highlevel
syntax would be machine independant and the low level details would be
handles by the OS that the Lisp environment is running in.
We already have several applications that would run in such an
environment: Maxima, CL-HTTP, CLIM, and EMACS. just some examples!!!!!
Andrew Reilly
> A GNU version of a program like Genera will allow a new group of Lisp
> hackers to see why Lisp is such a good language.
I clearly don't understand some subtle advantage of this Genera system. In
what sense is it /different/ from emacs? Is it just the dialect of lisp
involved that's at question?
> We already have several applications that would run in such an
> environment: Maxima, CL-HTTP, CLIM, and EMACS. just some examples!!!!!
Emacs has numeric and symbolic math packages, at least one web browser. I
don't know what CLIM is (a mailer? emacs has a couple of those), but
there are examples of just about everything else.
--
Andrew
Simon András
> On Thu, 03 Apr 2003 02:01:42 +1000, Franz Kafka wrote:
> > A GNU version of a program like Genera will allow a new group of Lisp
> > hackers to see why Lisp is such a good language.
>
> I clearly don't understand some subtle advantage of this Genera system. In
And one could hardly blame you, when you don't know what it is:
> what sense is it /different/ from emacs? Is it just the dialect of lisp
> involved that's at question?
http://kogs-www.informatik.uni-hamburg.de/~moeller/symbolics-info/genera/genera.html
>
> > We already have several applications that would run in such an
> > environment: Maxima, CL-HTTP, CLIM, and EMACS. just some examples!!!!!
>
> Emacs has numeric and symbolic math packages, at least one web browser. I
> don't know what CLIM is (a mailer? emacs has a couple of those), but
> there are examples of just about everything else.
CL-HTTP is not a browser, CLIM is not a mailer, and Google is your
friend.
Andras
>
> --
> Andrew
Franz Kafka
> I think it would be cool to implement a Symbolics type CPU in a
> FPGA...
>
It would be even better if some one could create a VM that implemented
a Symbolics type CPU on an Pentium and/or Athlon chip.
Or even better if someone wrote a Symbolics emulator for Linux, Mac (a
software emulator--forget the MacIvory), or Windows.
We already have Mac emulators on PCs, PC emulators on Macs, and both
PC and Mac emulators on Linux boxes.
What we need is a GNU version of Genera that will run on home
computers. I as a student would love it.
Petter Gustad
> >
> > I think it would be cool to implement a Symbolics type CPU in a
> > FPGA...
> >
>
> It would be even better if some one could create a VM that implemented
> a Symbolics type CPU on an Pentium and/or Athlon chip.
I agree that this would be better in the sense that it would be
accessible to more people. Personally I think it would be more fun to
make the FPGA version :-)
> What we need is a GNU version of Genera that will run on home
> computers. I as a student would love it.
There is a port called OpenGenra (which is not open source) which runs
on Alpha. I think OpenGenra assumes a 64-bit architecture, but a
version for the Opteron would be nice...
Ketil Malde
> Andrew Reilly <and...@gurney.reilly.home> writes:
>> I clearly don't understand some subtle advantage of this Genera
>> system. In what sense is it /different/ from emacs? Is it just the
>> dialect of lisp involved that's at question?
> http://kogs-www.informatik.uni-hamburg.de/~moeller/symbolics-info/genera/genera.html
Is there a version of this document that is updated a bit? I mean,
we know about garbage collection these days. Clicking on director names
to see what's inside is also not too new. How does it compare to a
modern Lisp system running on a modern OS?
More specific question: how is security achieved, when everything's
open, and communciation is done through unrestricted, shared objects?
The reasons given doesn't sound very convincing, looking from a
malicious user perspective.
-kzm
--
If I haven't seen further, it is by standing in the footprints of giants
Paul Wallich
"Ketil Malde" <ket...@ii.uib.no> wrote:
> asi...@math.bme.hu (Simon András) writes:
>
> > Andrew Reilly <and...@gurney.reilly.home> writes:
>
> >> I clearly don't understand some subtle advantage of this Genera
> >> system. In what sense is it /different/ from emacs? Is it just the
> >> dialect of lisp involved that's at question?
>
> > http://kogs-www.informatik.uni-hamburg.de/~moeller/symbolics-info/genera/gen
> > era.html
>
> Is there a version of this document that is updated a bit? I mean,
> we know about garbage collection these days. Clicking on director names
> to see what's inside is also not too new.
On the other hand, clicking on a function name to see and potentially
edit its definition, find the names of all the other functions that call
it, and inspect (and potentially edit) the stack frames of all currently
running invocatons of that function is kinda cool. Especially when it's
just a single mouse click to find the function/variable/whatever behind
any object or piece of text on the screen.
In my (very very very) limited experience the integration of language,
OS and IDE provides significant advantages over even most modern Lisp
IDEs on conventional OS's because you don't suddenly run into some
opaque block of code or binary data when you're following the path of
how something works (or doesn't).
paul
Franz Kafka
>
> Personally I think it would be more fun to
> make the FPGA version :-)
>
A CPU specification language could be used to write a Symbolics type
CPU.
Then the CPU could be emulated by people who want to play with the
Lisp OS
and turned into a chip by people who want to hardware-hack a Lisp
machine.
If you could somehow create some mircocode for a Intel or AMD
processor to turn it into an Ivory-type (LISP) processor--that would
be cool.
Prehaps someone could write a good quality Lisp compiler in a ROM and
use it like BIOS to build a Lisp Machine out of stock chips.
How hard would it be to write a Lisp Compiler on a EPROM and create a
Lisp board or even a board for any other language.
If you wrote a BIOS in Lisp you'd be well on your way to creating a
Lisp machine.
And, after the kernal is written--the rapid prototyping and
interactive development that Lisp provides would make it easier to
create a Lisp OS.
I'm sure that people are working on such kernals--if anyone needs help
with such projects please e-mail me I'm a Lisp programmer who's
willing to help.
Christopher C. Stacy
Ketil> More specific question: how is security achieved, when everything's
Ketil> open, and communciation is done through unrestricted, shared objects?
Ketil> The reasons given doesn't sound very convincing, looking from a
Ketil> malicious user perspective.
It's a single-user system and there is no protecting the
user from himself, if he decides to be self-malicious.
Marco Antoniotti
Other people have already pointed this out, but....
Franz Kafka wrote:
> Petter Gustad wrote:
>
> >Personally I think it would be more fun to
> >make the FPGA version :-)
> >
>
>
> A CPU specification language could be used to write a Symbolics type
> CPU.
Once you have chosen your Hardware Design Language (VHDL, Verilog or one
you have implemented from scratch in CL) you can start writing the
"Symbolics type CPU".
Can you estimate the cost for this enterprise?
>
> Then the CPU could be emulated by people who want to play with the
> Lisp OS
This assumes you have the OS. Can you estimate the cost of this enterprise?
>
> and turned into a chip by people who want to hardware-hack a Lisp
> machine.
Again, can you estimate the cost of this enterprise, given the cost of
producing hardware?
>
>
> If you could somehow create some mircocode for a Intel or AMD
> processor to turn it into an Ivory-type (LISP) processor--that would
> be cool.
Yes. And this is usually beyond the time-frame of a Ph.D. thesis.
>
> Prehaps someone could write a good quality Lisp compiler in a ROM and
> use it like BIOS to build a Lisp Machine out of stock chips.
Once you have done all of the above, yes.
>
>
> How hard would it be to write a Lisp Compiler on a EPROM and create a
> Lisp board or even a board for any other language.
It isn't hard. It's costly.
>
> If you wrote a BIOS in Lisp you'd be well on your way to creating a
> Lisp machine.
>
> And, after the kernal is written--the rapid prototyping and
> interactive development that Lisp provides would make it easier to
> create a Lisp OS.
>
> I'm sure that people are working on such kernals--if anyone needs help
> with such projects please e-mail me I'm a Lisp programmer who's
> willing to help.
How about helping on many other less risky, less costly, more directly
useful projects out there first? McCLIM for example.
Cheers
--
Marco Antoniotti
Ole Myren Rohne
> Once you have chosen your Hardware Design Language (VHDL, Verilog or
> one you have implemented from scratch in CL) you can start writing the
> "Symbolics type CPU".
That's cheating! He needs to start defining a lisp-based HDL;-)
Ole
Paul Wallich
Most of the early public geometry-description languages more or less
took s-expressions, so that's a start. (I can't remember whose silicon
compiler it was that took Lisp code that implemented simple algorithms
and ran it through a series of code transformations that ended up
emitting piles of properly placed rectangles. It was useless, but very
sweet to look at.)
paul
Petter Gustad
Well, you could write it in EDIF, which is Lisp :-)
Jouni Matti Juhani Osmala
> Ole Myren Rohne <ole....@fys.uio.no> writes:
>
> > Marco Antoniotti <mar...@cs.nyu.edu> writes:
> >
> > > Once you have chosen your Hardware Design Language (VHDL, Verilog or
> > > one you have implemented from scratch in CL) you can start writing the
> > > "Symbolics type CPU".
> >
> > That's cheating! He needs to start defining a lisp-based HDL;-)
>
> Well, you could write it in EDIF, which is Lisp :-)
Well, I personally like lisp, and dislike VHDL, can EDIF be recommended as a
general purpose HDL?
How widely its used? Is it supported by most foundries?
Is there something that is cheap enough for student to import edif files to
FPGA:s.
Jouni Osmala
Helsinki University of Technology
Electrical Engineering.
ps. They only teach us VHDL. (And if there is something better I'd love to
learn it.)
Petter Gustad
> Petter Gustad <newsma...@gustad.com> writes:
>
> > Ole Myren Rohne <ole....@fys.uio.no> writes:
> >
> > > Marco Antoniotti <mar...@cs.nyu.edu> writes:
> > >
> > > > Once you have chosen your Hardware Design Language (VHDL, Verilog or
> > > > one you have implemented from scratch in CL) you can start writing the
> > > > "Symbolics type CPU".
> > >
> > > That's cheating! He needs to start defining a lisp-based HDL;-)
> >
> > Well, you could write it in EDIF, which is Lisp :-)
>
> Well, I personally like lisp, and dislike VHDL, can EDIF be recommended as a
> general purpose HDL?
No (notice the smiley). EDIF is a netlist format. However, you could
probably write some clever macros and functions in order to produce
some readable and maintainable HDL descriptions in Common Lisp if you
had an EDIF simulator (or you could convert the EDIF to verilog prior
to simulation).
> How widely its used? Is it supported by most foundries?
Very widely used and probably the most supported netlist format.
> Is there something that is cheap enough for student to import edif files to
> FPGA:s.
You can do this in Altera Quartus and Xilinx ISE. Don't know if the
free Web versions can do this though.
Stephen J. Bevan
> ... . EDIF is a netlist format. However, you could
> probably write some clever macros and functions in order to produce
> some readable and maintainable HDL descriptions in Common Lisp if you
> had an EDIF simulator (or you could convert the EDIF to verilog prior
> to simulation).
EDIF 2 0 0 tried to cover lots of areas but effectively only really
supported netlist and some schematics. EDIF 3 0 0 made a much better
job of schematics and EDIF 4 0 0 added support for PCB/MCM layouts,
design rules, drawings, ... etc. However, it is possible that
although EDIF 3 0 0 became an IEC standard almost 10 years ago,
various tools have not been updated since the users/vendors were
mainly interested in netlists.
Rob Warnock
+---------------
| Jouni Matti Juhani Osmala <jos...@nimaatre.hut.fi> writes:
| > Petter Gustad <newsma...@gustad.com> writes:
| > > Ole Myren Rohne <ole....@fys.uio.no> writes:
| > > > Marco Antoniotti <mar...@cs.nyu.edu> writes:
| > > > That's cheating! He needs to start defining a lisp-based HDL;-)
| > > Well, you could write it in EDIF, which is Lisp :-)
| > Well, I personally like lisp, and dislike VHDL, can EDIF be recommended
| > as a general purpose HDL?
|
| No (notice the smiley). EDIF is a netlist format. However, you could
| probably write some clever macros and functions in order to produce
| some readable and maintainable HDL descriptions in Common Lisp if you
| had an EDIF simulator (or you could convert the EDIF to verilog prior
| to simulation).
Here's one design/simulation approach, albeit somewhat dated by now:
<URL:http://www.swiss.ai.mit.edu/~jaffer/SIMSYNCH>
<URL:http://www.swiss.ai.mit.edu/~jaffer/Work/scm95-1>
<URL:http://www.swiss.ai.mit.edu/~jaffer/Work/scm97>
-Rob
-----
Rob Warnock, PP-ASEL-IA <rp...@rpw3.org>
627 26th Avenue <URL:http://rpw3.org/>
San Mateo, CA 94403 (650)572-2607
Bernd Paysan
> Well, I personally like lisp, and dislike VHDL, can EDIF be recommended as
> a general purpose HDL?
EDIF is just a netlist format. A lisp-like general purpose HDL would allow
to define event-triggered functions; I'm pretty sure you could use Lisp to
define a complete high-level HDL.
--
Bernd Paysan
"If you want it done right, you have to do it yourself"
http://www.jwdt.com/~paysan/
David Rush
> On Tue, 01 Apr 2003 11:36:33 +0900, Alex Shinn wrote:
> > It would be much better to have a nice Lisp/Scheme repl where you
> > can interactively query the HW and write newer drivers faster.
> > It would be worth the initial time investment.
>
> You might be interested in Schemix (aka SILK = Scheme In the Linux
> Kernel). Have a look at:
NOOooooo!!!! Not another SILK!
david rush
--
Scheme: When the line noise gets too much for you.
-- Anton van Straaten (the Scheme Marketing Dept from c.l.s)
Petter Gustad
> Here's one design/simulation approach, albeit somewhat dated by now:
>
> <URL:http://www.swiss.ai.mit.edu/~jaffer/SIMSYNCH>
> <URL:http://www.swiss.ai.mit.edu/~jaffer/Work/scm95-1>
> <URL:http://www.swiss.ai.mit.edu/~jaffer/Work/scm97>
Thank you for the url's.
Harri Haataja
System protections[1] aren't there for users. They are there to protect
various resources from *programs*. Users may or may not be somewhere
behind some program that happened to call a chain of dozen others, but
that has nothing to do with things. Neither has this hypothetical
creature's intentions. It's all about programs for any system.
[1] No, you never protect. You just allow. What is not allowed
(=implemented) is impossible. There is no concept "protect".
Christopher C. Stacy
Harri> Christopher C. Stacy wrote:
>>>>>>> On 03 Apr 2003 09:08:33 +0200, Ketil Malde ("Ketil") writes:
Ketil> More specific question: how is security achieved, when
>> everything's open, and communciation is done through
>> unrestricted, shared objects? The reasons given doesn't sound
>> very convincing, looking from a malicious user perspective.
>>
>> It's a single-user system and there is no protecting the user from
>> himself, if he decides to be self-malicious.
Harri> System protections[1] aren't there for users. They are there to protect
Harri> various resources from *programs*. Users may or may not be somewhere
Harri> behind some program that happened to call a chain of dozen others, but
Harri> that has nothing to do with things. Neither has this hypothetical
Harri> creature's intentions. It's all about programs for any system.
You are the one who began the conversation with the phrase
"malicous user", so naturally I addressed your specific concern.
Now you're saying that the problem is not "users" at all.
Can you please give a specific example of what you're afraid of?
The Lisp Machine, rather surprisingly to people who are unfamiliar
with it, did not in reality experience the kinds of problems that
I think you are worrying about. My personal experience with the
design of secure computing systems goes back 24 years, but I would
like you to elaborate, since you are so insistent that there must
be a terrible problem here. Perhaps we can walk through some examples
to show why the this was, in practice, not a problem on the LispM.
be...@sonic.net
> You are the one who began the conversation with the phrase
> "malicous user", so naturally I addressed your specific concern.
> Now you're saying that the problem is not "users" at all.
> Can you please give a specific example of what you're afraid of?
> The Lisp Machine, rather surprisingly to people who are unfamiliar
> with it, did not in reality experience the kinds of problems that
> I think you are worrying about. My personal experience with the
> design of secure computing systems goes back 24 years, but I would
> like you to elaborate, since you are so insistent that there must
> be a terrible problem here. Perhaps we can walk through some examples
> to show why the this was, in practice, not a problem on the LispM.
Bear in mind that during the period under discussion, there was also
no problem with SMTP and no problem with FTP. The users of these
machines were largely either professionals, academics, or military.
Access to them was expensive and monitored carefully, so they
largely didn't have to deal with malicious users. These people
were not regarded as a general market segment yet, so there was
no spam and no financial motive to subvert remote machines for
purposes of sending spam. No secondary market for personal information
to use in targeted advertising had yet emerged, so there was no
financial motive for software developers to embed spyware or other
malicious code in the programs. And "script kiddies" had not yet
emerged either, nor had industry associations with herds of lawyers
available yet employed darkside hackers to start trying to take
down machines and network segments whose network traffic they
didn't like.
A modern LispM would face a very different environment in terms of
what type of users it was available to. Given the new motivations
of users and developers, and would need much different defenses
against malicious users and malicious code. I think the separate
memory spaces and permission controls of a UNIX type system are an
absolute minimum for anything that's going to be connected to the
net these days. Buffer overruns and stack screws can't happen in
LISP, but if you put something on the net, it will have to deal
with all the hostility that anyone can throw at it.
Bear
Joe Marshall
> A modern LispM would face a very different environment in terms of
> what type of users it was available to. Given the new motivations
> of users and developers, and would need much different defenses
> against malicious users and malicious code. I think the separate
> memory spaces and permission controls of a UNIX type system are an
> absolute minimum for anything that's going to be connected to the
> net these days. Buffer overruns and stack screws can't happen in
> LISP, but if you put something on the net, it will have to deal
> with all the hostility that anyone can throw at it.
www.whitehouse.gov was running CL-HTTP on a Symbolics machine
*outside* the firewall for many years. It was never broken into and
not for lack of trying.
It is true that the vast majority of crackers and script kiddies
wouldn't know where to begin to attack the server, and presumably the
vulnerabilities would be better known if the hardware and software
were more popular, but the immediate evidence indicates that a LispM
running CL-HTTP in a shared address space is far more secure than your
average Apache or IIS installation running in a separate one.
Florian Weimer
> It is true that the vast majority of crackers and script kiddies
> wouldn't know where to begin to attack the server, and presumably the
> vulnerabilities would be better known if the hardware and software
> were more popular, but the immediate evidence indicates that a LispM
> running CL-HTTP in a shared address space is far more secure than your
> average Apache or IIS installation running in a separate one.
Garfinkel and Spafford recommended to run web servers on MacOS (not X)
back in 1996:
| Because of the richness of its tools, the plethora of programming
| languages, and the ability of multiple users to be logged in at the
| same time from remote sites over a network, the UNIX operating
| system is a remarkably bad choice for running secure Web servers.
| Because many PC-based operating systems share many of these
| characteristics, they are also not very good choices. Experience
| has shown that the most secure Web server is a computer that runs a
| Web server and no other applications, that does not have a readily
| accessible scripting language, and that does not support remote
| logins. In practice, this describes an Apple Macintosh computer
| running MacHTTP, WebStar, or a similar Web server. According to
| recent surveys, such computers comprise as many as 15% of the Web
| servers on the Internet.
(Pre-X MacOS didn't even a decent virtual memory management, and no
process separation. 8-)
Pascal Bourguignon
Web servers running on MacOS (not MacOSX) with a shared address space
too are deemed quite secure too. The absence of a "shell" running on
the OS seemed to be helpful.
--
__Pascal_Bourguignon__ http://www.informatimago.com/
----------------------------------------------------------------------
Do not adjust your mind, there is a fault in reality.
Sander Vesik
> | Because of the richness of its tools, the plethora of programming
> | languages, and the ability of multiple users to be logged in at the
> | same time from remote sites over a network, the UNIX operating
> | system is a remarkably bad choice for running secure Web servers.
> | Because many PC-based operating systems share many of these
> | characteristics, they are also not very good choices. Experience
> | has shown that the most secure Web server is a computer that runs a
> | Web server and no other applications, that does not have a readily
> | accessible scripting language, and that does not support remote
> | logins. In practice, this describes an Apple Macintosh computer
> | running MacHTTP, WebStar, or a similar Web server. According to
> | recent surveys, such computers comprise as many as 15% of the Web
> | servers on the Internet.
>
> (Pre-X MacOS didn't even a decent virtual memory management, and no
> process separation. 8-)
Yeah, now imagine a buffer overrun in a cgi and what the result is 8-)
But I think there are enough problems also around efficent support
for multi-stream i/o that these OSs have traditionaly been lousy on.
Also 'no remote logins' makes administration so much more painful and
costly.
--
Sander
+++ Out of cheese error +++
Florian Weimer
> Yeah, now imagine a buffer overrun in a cgi and what the result is 8-)
Well, back in 1996, there weren't any worms, and the crackers were
after decent platforms. 8-)
Consumer Windows boxes are pretty much in the same boat today, and
they *are* targeted heavily. Sure, most home users haven't really
fast Internet connections, but a botnet of a few thousand bots can
wreck a lot of havoc, no matter how much the individual hosts can
contribute.
> But I think there are enough problems also around efficent support
> for multi-stream i/o that these OSs have traditionaly been lousy on.
MacOS is very good at two-stream I/O.
(Yeah, I know, you meant something else. 8-)
> Also 'no remote logins' makes administration so much more painful and
> costly.
If MacOS was more interesting, we had stuff like Back Orifice for it.
Tom Knight
issues of language design. In Lisp, you can't reference an object in
memory unless you have a pointer to the object. You can't reference
outside of the array bounds of an array. Buffer overflow attacks
essentially are impossible. The result is that it is VERY easy to
write code which is bullet-proof compared to essentially any other
system. All you have to do is control who has access to pointers, and
who gets to hand out the pointers. As usual, there are
"sub-primitive" operations which allow users to do things out of the
box, but it is a relatively straightforward check to assure that none
of those primitives are used in code (the names by convention began
with a % symbol). While we did not attempt to make highly secure
operating systems, the security of the resulting systems was very high
compared to the junk we see palmed off as software today.
Eventually, I suppose, we'll get back to that point again. Anyone who
would like to help, let me know.
Brian Hurt
> Joe Marshall <j...@ccs.neu.edu> writes:
>
> > be...@sonic.net writes:
> >
> > > A modern LispM would face a very different environment in terms of
> > > what type of users it was available to. Given the new motivations
> > > of users and developers, and would need much different defenses
> > > against malicious users and malicious code. I think the separate
> > > memory spaces and permission controls of a UNIX type system are an
> > > absolute minimum for anything that's going to be connected to the
> > > net these days. Buffer overruns and stack screws can't happen in
> > > LISP, but if you put something on the net, it will have to deal
> > > with all the hostility that anyone can throw at it.
> >
> > www.whitehouse.gov was running CL-HTTP on a Symbolics machine
> > *outside* the firewall for many years. It was never broken into and
> > not for lack of trying.
> >
> > It is true that the vast majority of crackers and script kiddies
> > wouldn't know where to begin to attack the server, and presumably the
> > vulnerabilities would be better known if the hardware and software
> > were more popular, but the immediate evidence indicates that a LispM
> > running CL-HTTP in a shared address space is far more secure than your
> > average Apache or IIS installation running in a separate one.
>
> Web servers running on MacOS (not MacOSX) with a shared address space
> too are deemed quite secure too. The absence of a "shell" running on
> the OS seemed to be helpful.
A friend of mine uses an old Apollo DN10K workstation (for those of
you who remember the DN10K) as his firewall/mailserver. He derives
great amusement watching 31337 haxorz trying to deal with this
machine. He hasn't be hacked yet...
Is the defense something innate to the system, or just using an
obscure enough machine that the black hat community isn't set up to
deal with it?
Brian
Rupert Pigott
news:81f0f84e.03040...@posting.google.com...
[SNIP]
> A friend of mine uses an old Apollo DN10K workstation (for those of
> you who remember the DN10K) as his firewall/mailserver. He derives
> great amusement watching 31337 haxorz trying to deal with this
> machine. He hasn't be hacked yet...
I'd love to have a DN10000. :/
> Is the defense something innate to the system, or just using an
> obscure enough machine that the black hat community isn't set up to
> deal with it?
Depends on what it's running I suspect. Domain/OS
could run BSD and AIX personalities and had a sort
of Multics inspired feel to it - AFAICT. I would
not be surprised if someone has ported NetBSD to it
too. I haven't had the chance of playing with one,
more is the pity. :(
I really don't trust security by obscurity, but it
may just be difficult enough that a casual cracker
won't bother with it after discovering none of the
skr1ptz work and he can't find any 5pl017z for it
in the vulnerability databases.
Cheers,
Rupert
MJ Ray
> Well, back in 1996, there weren't any worms, and the crackers were
> after decent platforms. 8-)
Nice rose-tinted glasses that you have there. Nostalgiavision?
Toon Moene
> A friend of mine uses an old Apollo DN10K workstation (for those of
> you who remember the DN10K) as his firewall/mailserver. He derives
> great amusement watching 31337 haxorz trying to deal with this
> machine. He hasn't be hacked yet...
I recall reading about someone who installed the Hercules IBM/360
emulator on his Linux system and running (Debian) Linux/360 on that.
He installed and started Apache on the emulated Linux and tried it.
Thinking about it, he just let it run that way - it surely wouldn't be
hacked :-)
--
Toon Moene - mailto:to...@moene.indiv.nluug.nl - phoneto: +31 346 214290
Saturnushof 14, 3738 XG Maartensdijk, The Netherlands
Maintainer, GNU Fortran 77: http://gcc.gnu.org/onlinedocs/g77_news.html
GNU Fortran 95: http://gcc-g95.sourceforge.net/ (under construction)
Harri Haataja
I don't remember that and I don't see it in the thread. I do remembering
commenting on similiar subject in a thread about a scheme interpreter in
Linux kernel. My memory may ofcourse fail.
That was just a brief comment, since people always seem to talk about
"user this" and "user that" when all programs care about are other
programs or in some specific cases input data streams.
It is too large a question to address here and very elementary to common
security practises in real world and in computers. Maybe there's something
like that in lispm, but I haven't seen it nor any of these machines. To me
"it's a single-user computer" sounds like an excuse to make win3 or
amigaos.
I'll try to steer this in a discussable direction:
In this hypothetical lisp os or on a real one, is the language enforced?
Can you use mere syntax to say "you can't access what you don't have a
reference to" and have that solve problems? What about data storage and
directory or catalog interfaces to files? What about compiled programs?
What's to stop a buggy web server from writing over files it's only
supposed to serve, for example?
--
War is Peace
Slavery is Freedom
Backspace is Delete.
-- Currently unattributed .sig
Christopher Browne
> What's to stop a buggy web server from writing over files it's only
> supposed to serve, for example?
Read only access, maybe?
My Apache processes are running under a user role that does not allow
them to overwrite the files they are serving.
--
(concatenate 'string "cbbrowne" "@ntlug.org")
http://cbbrowne.com/info/lisp.html
"Windows/NT - From the people who brought you EDLIN"
-- Herb....@novatel.cuc.ab.ca
Andy Glew
> > supposed to serve, for example?
>
> Read only access, maybe?
>
> My Apache processes are running under a user role that does not allow
> them to overwrite the files they are serving.
That's the way to go - or, capabilities.
Whatever, the access control must be made lighterweight and
not dependent on sysadmin/IT. I just set up a wiki server,
and am tied in knots because sysadmins don't want to
give me a new userid or groupid, so that I can properly
restrict the server.
Creation of new "user roles" should not require sysadmin
intervention. It should be possible for any user role to create
a subrole with a subset of capabilities.
Administering your own machine, whether physical or virtual,
might amount to the same thing.
Patrick Schaaf
>> > What's to stop a buggy web server from writing over files it's only
>> > supposed to serve, for example?
>>
>> Read only access, maybe?
>>
>> My Apache processes are running under a user role that does not allow
>> them to overwrite the files they are serving.
>That's the way to go - or, capabilities.
Full ack. When designing production Unix systems (Linux, in fact),
it is a good idea to have at least the network visible parts
running A) under their own uid, B) chrooted, if possible,
and C) with everything you can get away with being readonly.
>Whatever, the access control must be made lighterweight and
>not dependent on sysadmin/IT. I just set up a wiki server,
>and am tied in knots because sysadmins don't want to
>give me a new userid or groupid, so that I can properly
>restrict the server.
Shoot that admin. He does not honor security. It's a clear
sign of bad administration when people _request_ a proper
security related separation, and are denied due to lazyness.
It does not help a bit if that lazyness is codified as policy.
>Creation of new "user roles" should not require sysadmin
>intervention. It should be possible for any user role to create
>a subrole with a subset of capabilities.
A nice experimental OS I read about, which had that as one of its
main points, is Andrew Valencia's VSTA. See the capability papers at
http://www.vsta.org/documentation/documentation.html
>Administering your own machine, whether physical or virtual,
>might amount to the same thing.
Exactly. Regarding the "virtual" bit, another project worth looking
at, which is actively developed (though a bit off the normal Linux
development track), can be found at
http://www.solucorp.qc.ca/miscprj/s_context.hc
That's an attempt at making Linux virtual at the syscall level,
giving the possibility to have whole different Linux distributions
running, private init process and all. Both the visible processes,
and the visible networking setup (netstat, IP address binding, also
its implicit wildcard forms) are properly virtualized.
We start to build production web farm systems, inhouse, using this
project's code.
best regards
Patrick