As part of possible future work, wouldn't it be advantageous to implement a periodic scheduling of 'raw to qufile' conversion mechanism, especially as the abstraction unaware applications create non '.quifile' files?
The adaptation system developer will write a utility which takes inputs such as a video, and uses a standard codec to generate ultimate representations that are scaled and formatted for a set of devices. The utility then creates a new qu file and moves the original video and representations that were generated to the qufile. This utility is registered with the file system's change notification mechanism so it is automatically alerted every time a video is added. All this process is automated. So, it is a much more effective way to use this approach instead of running a periodic scheduling which runs even when there are no additions.
It is said in the paper, "Executing arbitrary code within the file system is dangerous, so policies are executed in a user-level sandbox." Why is it dangerous to execute arbitrary code within the file system?
@akshay, it's dangerous because if any arbitrary code makes an unwanted change in the file system, it might be difficult to undo the error. That's why I guess sandboxing for policies is done to ensure that the policies do not cause harm.
I agree with anudipa's comment; that is the main concern for the authors to execute the code in a user-level, isolated sandbox. Sandboxing is a popular technique for creating confined execution environments, which could be used for running untrusted programs. A sandbox limits, or reduces, the level of access its applications have (http://www.kernelthread.com/publications/security/sandboxing.html). The scope of potential damage caused by misbehaving code is reduced this way.
@pramod Please see the paper section 5.4 security: context-aware data redaction. The authors create a quFile that shows only redacted versions of files with sensitive data removed when they are accessed at insecure locations, such as a cafe where people can observe your monitor. The files mentioned here are XML files.
@akshay In addition to my previous comment: some possible dangerous situations are that buggy policies may damage the file system or consume unbounded resources by executing an infinite loop (Section 3.4).
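The unbounded-resource case raised in the comment above, as an added illustration that is not part of the thread or the quFile paper: a policy runs in a separate user-level process with CPU and memory caps. It assumes Linux and Python 3; `run_policy` and the sample policies are hypothetical names, and POSIX rlimits stand in for the paper's sandbox, whose mechanism is not described on this page.

```python
import resource
import subprocess
import sys
import tempfile

# Constructed sample policies (hypothetical; not quFile's real policy API).
GOOD_POLICY = "print('video_small.mp4')"
LOOPING_POLICY = "while True:\n    pass"
GREEDY_POLICY = "x = bytearray(2 * 1024**3)\nprint('done')"

def _cap(kind, value):
    # Lower a limit without exceeding the hard limit we inherited.
    _, hard = resource.getrlimit(kind)
    limit = value if hard == resource.RLIM_INFINITY else min(value, hard)
    resource.setrlimit(kind, (limit, limit))

def _apply_limits():
    # Runs in the child just before exec, so the caps bind only the policy.
    _cap(resource.RLIMIT_CPU, 1)               # seconds of CPU time
    _cap(resource.RLIMIT_AS, 512 * 1024**2)    # bytes of address space

def run_policy(source, wall_timeout=5):
    """Run policy source out of process; return (ok, output_or_reason)."""
    # The scratch cwd and empty environment only reduce ambient state.
    # rlimits bound resource use; they do not confine file system access,
    # which needs a separate mechanism not shown here.
    with tempfile.TemporaryDirectory() as scratch:
        try:
            proc = subprocess.run(
                [sys.executable, "-I", "-c", source],
                cwd=scratch, env={}, stdin=subprocess.DEVNULL,
                capture_output=True, text=True,
                timeout=wall_timeout, preexec_fn=_apply_limits,
            )
        except subprocess.TimeoutExpired:
            return False, "wall-clock timeout"
    if proc.returncode != 0:
        # Negative return codes mean the kernel signalled the child.
        return False, f"policy stopped (rc={proc.returncode})"
    return True, proc.stdout.strip()

if __name__ == "__main__":
    for name, src in [("good", GOOD_POLICY), ("looping", LOOPING_POLICY),
                      ("greedy", GREEDY_POLICY)]:
        print(name, run_policy(src))
```

The caller treats a failed policy as "no answer" and keeps running, so a buggy policy costs at most the configured CPU second and memory ceiling.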
The author talks about image and video applications. Do you know any other application supported by quFile?