Artifact Content
Not logged in

Artifact 2f4b54960abe7741ec4a30fc271972b0dc074475:

Wiki page [Experiment: mmmv_silkexec] by martin_vahi on 2017-01-08 21:38:27.
D 2017-01-08T21:38:27.219
L Experiment:\smmmv_silkexec
P 1b4f80449f5e67e1393447fc907f2598305508b2
U martin_vahi
W 5797
<p><b><font color="#ff0000">Currently code for the mmmv_silkexec does not exist</font></b>,
but the development deliverables will be among versioned files, when it becomes
available.</p>

<p><br>
</p>

<p>A <b>mmmv_silkexec application (hereafter: silkexapp) is wrapper to other
applications</b>, including other mmmv_silkexec applications. <b>The purpose of
the wrapping is to use extra tags and user specific configuration parameters</b>
for using the wrappable application.</p>

<p>The mmmv_silkexec project consists of the following tools:</p>

<p></p>
<ul>
<li>The mmmv_silkexec command line tool for executing silkexapps by
automatically prefixing the PATH with a silkexapp specific PATH value. Call
syntax: &nbsp;</li>
</ul>

<blockquote>mmmv_silkexec &lt;full path of or a name on the PATH&gt; &lt;the
command line args of the silkexapp&gt;</blockquote>

<div><br>
</div>
<ul>
<li>An application for maintaining the tags, for example, tester specific test
results.</li>
<li>An application for maintaining mmmv_silkexec local installation specific
global configuration and the collection of silkexapps.<br>
</li>
</ul>

<p></p>

<p>No technical solution is going to compensate for crappy work, because
technical tools can be switched off or the original authors of software may
leave edge cases out of consideration. The main ideas behind the mmmv_silkexec
are<b>&nbsp;</b>to <b>allow the execution of only those silkexapps that have
been tested and/or verified by trusted parties</b>, the
<a href="https://nixos.org/nix/">NixOS package manager</a> idea that each
application is executed in an environment, where <b>the LD_LIBRARY_PATH and the
PATH have silkexapp specific prefixes</b>, the reliance on operating system
services is&nbsp;<b>limited to the UNIX standard</b> to give the mmmv_silkexec
a chance to be ported to all operating systems that have the UNIX layer <i>(Linux,
BSD, GNU Hurd, Genode OS, Minix3),</i> the&nbsp;mmmv_silkexec must be fully <b>usable
without having any root access</b>.</p>

<p><br>
</p>

<h1>Package Format</h1>

<p>None of the silkexapp standard file and folder names contain any spaces,
tabulation characters, line breaks. All silkexapp configuration text files, the
ones at the silkexapp etc folder, are preprocessed by removing all spaces,
tabulation characters, <b>single-line-comments that start with either "#" or
"//"</b>. After the single-line-comments deletion preprocessing step all of the
linebreaks are deleted, except for the list_of_immediate_dependencies.txt.</p>
<pre>&lt;relateive ID as folder name&gt;</pre>
<pre>    +--bin</pre>
<pre>    +-- etc</pre>
<pre><pre>    |    +--overriding_values_of_environment_variables   # the existence of this folder is optional</pre><pre>    |    |    |# all in this folder is optional</pre><pre>    |    |    +--LD_LIBRARY_PATH.txt
</pre><pre>    |    |    +--PATH.txt</pre><pre>    |    |    +--CFLAGS.txt</pre><pre>    |    |    +--&lt;other environment variables&gt;</pre><pre>    |    |</pre></pre>
<pre>    |    +--prefixes_of_environment_variables   # the existence of this folder is optional</pre>
<pre>    |    |    |# all in this folder is optional</pre>
<pre>    |    |    +--LD_LIBRARY_PATH.txt
</pre>
<pre>    |    |    +--PATH.txt</pre>
<pre>    |    |    +--CFLAGS.txt</pre>
<pre>    |    |    +--&lt;other environment variables&gt;</pre>
<pre><pre>    |    |</pre><pre>    |    +--list_of_immediate_dependencies.txt # Optional, if dependencies not declared.</pre><pre>    |                                          # Otherwise one <a href="./wiki?name=Algorithm+and+Implementation">Silktorrent packet</a> name per line.</pre><pre>    |</pre><pre>    +--src</pre><pre>    +--build</pre></pre>
<pre><br>


</pre>

<p>To make it possible to share mmmv_silkexec applications between different
users of a same machine, packages are allowed to assume that they have write
access only to&nbsp;</p>

<p></p>
<ul>
<li>/tmp</li>
<li>~/.silktorrent/mmmv_silkexec/applications_write_area/&lt;`whoami`&gt;/&lt;relative
path from package collection root&gt;</li>
</ul>

<p></p>

<p>everything in the package bin folder should assume that&nbsp;</p>

<p>The package bin folder is placed automatic<font color="#ff0000">ally to the
PATH before &lt;TODO: text to be completed&gt;</font></p>

<p><br>
</p>

<h1>Testing (Including Verification and Audits)</h1>

<p>The executable mmmv_silkexec application must have only dependencies that
have also been verified and/or tested by trusted parties.&nbsp;</p>

<p>Different parties trust different other parties. Trust is a multidimensional
value. A very kindhearted and not corrupt person can be totally untrustworthy
from their capabilities point of view. On the other hand, sometimes, at some
narrow contexts, enemies can be more trustworthy than friends. For example,
enemies might have a good track record of fine skills and being rigorous and
they might use some component, software package, at some security wise
extremely critical role, while being very rigorous at the construction of their
software component.<br>
</p>

<p>Given that
<a href="http://martin.softf1.com/g/yellow_soap_opera_blog/the-future-of-security-audits-episode-0">the
only proper way to verify/review code is a fully automated way</a><i>(<a href="https://archive.is/h3HJ4">archival
copy</a>)</i>, there has to be a way to subscribe to the testing/verification
system of the trusted parties. To avoid a Denial of Service attack by hacking
into the testing/verification systems of one of the trusted parties, the local
settings of the mmmv_silkexec should treat a test failure of a formerly
accepted component as a timed warning, where the warning state moves to a
blocked/failed state with a delay. The delay gives the trusted party time to
handle the hack.</p>

<p><br>
</p>

Z e502f3a4efc96da7e4bb685975d66bb6