From: Aaron Davidson (davidson@cs.ualberta.ca)
Date: Wed Jul 19 2000 - 23:53:58 MDT
>Awesome. I'll check it out
>
>Some questions:
> - Why the "modems need not apply" stuff? If you've got hefty comms
>requirements, that's going to cost your nodes a lot of money.
It's not as much a bandwidth issue as a latency / stability one.
Modems are low bandwidth *and* high high latency. Our goal with vastmind is
too use only the highest quality nodes available (especially at first). This
saves us and users an order of magnitude worth of headaches, plus makes the
system more robust and snappy.
> - It looks like you allow C & Java programs to run at the nodes (ie:
>user's computers). There is no way in the world I'd let a service like this
>run straight C on my machine. Java is a different story, because I think you
>can ensure that it is running in it's own secluded sandbox, no opportunity
>to be evil to my machine/network/etc. Why allow C, and what are the security
>implications for Java?
This is perhaps the most sensitive and tricky issue to tackle, and
many facets of it are completely OS dependant. For java, things are
much safer, but for C, it is very difficult. For starters, we will
not allow any node modules that have not been verified by vastmind,
source code level, to ensure they do not do anything bad. New modules
are propagated through the network by our server only, so we have
control over what gets put onto each node. On the unix side of
things, BSD users can invoke a 'jail' (sandbox) around a program, and
are free to set overall permissions on the node software. chroot is
also useful for forcing a program to only be able to see a designated
portion of the filesystem (but is not completely secure).
> - How do you make sure that stuff running on a node machine doesn't
>entirely consume all resources on that machine (dont say "nice").
nice -19 is a start, but we do also determine the machine's load
average and if the machine is not idle, it does not 'check in' to
the server for more work, and sleeps partially if it is currently
processing anything, so you should never notice any slowdowns.
--Aaron
-- +-------------------------------------------------------------------------+ | Aaron Davidson <ajd@ualberta.ca> http://www.cs.ualberta.ca/~davidson/ | +-------------------------------------------------------------------------+
This archive was generated by hypermail 2.1.5 : Fri Nov 01 2002 - 15:30:03 MST