Chuck Guzis wrote:
On 8/18/2006 at 11:39 AM Don wrote:
*MY* concern is how do you let FOREIGN code into your world
AND still protect things? I.e. I can do my best to keep
*my* code bug-free... but, I can't keep "your" code bug-free!
Yet, I need to keep my *system* invulnerable to bugs that you
let creep in. :-( (writing good OS's requires considerably more
forethought than writing good *apps*! :< )
Absolutely. I suppose that some of Windows' bugginess comes from having to
use third-party drivers and services for things not "standard legacy".
That's the problem with monolithic kernels, etc. I.e. there is
no way to incorporate the drivers and still keep them "out"
of the kernel's protection domain.
Something that Apple really doesn't have to worry about too much. But
allowing malicious code to creep in through one's own email and browser is
not a sign of good design. Certificates have pretty much proven to be
worthless in that respect.
But the OS should allow buggy code and *still* protect the
rest of the system from intrusions of this sort. I suspect
the problem with Windows is the user is "effectively" root
(even if not running as "Administrator", if all of *your*
executables have been "contaminated", *your* computing
experience is tainted by them!)
"Undocumented" features don't help either.
--Chuck