5 Aug
2006
5 Aug
'06
6:54 p.m.
Sean Conner wrote:
I also worked at a software company porting Unix
utilities to QNX and I
really like QNX and what can be done with it. I could use the modem on my
boss' computer to dial out without using *any* special software, just
specify the device on his computer (not only was the file system network
transparent, but you could use devices across the network). You could even
run a program on one computer, pipe the output to another program on another
computer and send the output to a third computer, all from the command line,
and all possible because QNX was built on a microkernel and had all this
functionality built in.
MicroKernels are very nice, and as of recently they have one huge
advantage (not speed for sure). The
bad guys are now going after flaws in device drivers. Guess what,
device drivers run with full privileges
in most OS's these days and no protection whatsoever. So if you have
some very common driver that
is known to have an exploit - say a common network driver, you'll be
owned that way. With a
microkernel, you can isolate the driver against this. Imagine a
specially crafted ethernet or WiFi frame
that triggers a buffer overlow. :-)
see: http://www.theregister.co.uk/2006/08/04/hackers_bypass_os/ and
http://www.theregister.co.uk/2006/08/03/wifi_driver_hack/