Slashdot videos: Now with more Slashdot!
We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).
There are architectural reasons to separate, and economic & practical reasons to consolidate - or not. I'd say you're off the curve of reasonable expectations if you're asking for mainframe-style "trusted" isolation on a setup of only a few (or just one) PC-grade servers in which you have all applications and services running together along with a variety of login access from different categories of users who may be potential attackers. Not that there's anything wrong with the BSD's etc, but in the scenarios you imply, you might be placing your support resources in areas of lower risk priority. Or maybe you yourself are the single supporter?
I say "PC-grade" because your scenario sounds economically uninteresting -- important enough to protect as you want (with excessive apps & users), but not important enough that there's budget to do hardware separation. Just because you're broke doesn't mean that Unix is broken. I agree that BSD Capsicums (etc) may be a good fit for these outlier use-cases, or special situations, but mostly if your establishment is willing to make a heavy technology investment in going that route.
There's more to life than an abstract security model. Virtual machines are cheap these days, don't let untrusted users (or processes) onto your important server in the first place. If you insist on OS timesharing and full security, well, you're fooling yourself IMHO. Of course VMS could do it, but try to find one now. Not cost effective for the real purpose of getting stuff done, ie, running applications.
Maybe the IRS should make it less onerous to re-pat the cash if they want it badly enough, instead of the hunting mentality as is perceived. Eg, anonymous fixed rate conversions independent of any other factors such as owner's income.
where the gravitational pull is so strong that nothing can escape.
I always wondered about this. Isn't it just a basic calculation showing the point where escape velocity exceeds the speed of light? Meaning that ballistically nothing can escape on it's own, but if you had a "space elevator" (with super-strong cables not defined here) you could raise and lower things into a black hole (or planet Earth) at whatever speed you wanted. So why not lower in a camera and take a look? And if the super-strong cable also does Ethernet, you wouldn't even have to raise it back, unless gravitational escape velocity also applies to electricity.
Physics being what it is, the rebuttal could something like proof that such a super-strong cable couldn't exist, even if the thought-experiment is valid. To keep it from getting infinitely crushed, maybe you have to build it out of some sort of antidote physical-contradiction like magnetic monopoles