On Fri, 18 Aug 2006, Chuck Guzis wrote:
Why are protections primarily reserved for OS-level tasks? Why not subset
protections within the user area? A user should be able to say that a
plugin or DLL should have only a certain limited number of privileges.
This is computationally expensive and complicated. Every time you have
to cross a privilege boundary you have to switch context, validate any
data going across and verify permissions. You also need an exact
specification for every such interface - if the system doesn't know
what your DLL is allowed to do, how can it stop it from doing what it
shouldn't? This is why this sort of pain is usually reserved for the
user-kernel interface.
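As an added illustration (not code from the original thread or from any of its posters), here is a minimal host/plugin boundary in C that does the three things the reply above lists on every call: consult an exact specification of the interface (a fixed table of services, each naming the capability it requires), verify permissions (a capability mask the host granted to the plugin), and validate the data crossing the boundary (any pointer the plugin hands over must lie entirely inside the plugin's own arena). All names (CAP_*, plugin_t, host_call, svc_*) are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Capability bits a host may grant to a plugin (hypothetical names). */
enum {
    CAP_READ_CONFIG = 1u << 0,
    CAP_WRITE_LOG   = 1u << 1,
    CAP_NET         = 1u << 2,
};

/* Result codes for calls that cross the host/plugin boundary. */
enum { CALL_OK = 0, CALL_EPERM = -1, CALL_EFAULT = -2, CALL_EINVAL = -3 };

typedef struct {
    const char *name;
    uint32_t caps;           /* what this plugin has been granted */
    unsigned char *arena;    /* the only memory the plugin may pass to the host */
    size_t arena_len;
} plugin_t;

/* Data validation: [ptr, ptr+len) must lie inside the plugin's arena.
 * Done on integer addresses so the arithmetic cannot overflow. */
static int in_arena(const plugin_t *p, const void *ptr, size_t len) {
    uintptr_t lo = (uintptr_t)p->arena, hi = lo + p->arena_len, b = (uintptr_t)ptr;
    if (b < lo || b > hi) return 0;
    if (len > hi - b) return 0;
    return 1;
}

/* Host-side state the plugin is not allowed to touch directly. */
static char g_config[] = "verbose=1";
static char g_log[256];
static size_t g_log_len;

/* Host services; reachable only through host_call() below. */
static int svc_read_config(plugin_t *p, void *buf, size_t len) {
    if (!in_arena(p, buf, len)) return CALL_EFAULT;
    size_t n = strlen(g_config) + 1;
    if (len < n) return CALL_EINVAL;
    memcpy(buf, g_config, n);
    return (int)n;                       /* bytes copied, including NUL */
}
static int svc_write_log(plugin_t *p, void *buf, size_t len) {
    if (!in_arena(p, buf, len)) return CALL_EFAULT;
    if (len > sizeof g_log - g_log_len) return CALL_EINVAL;
    memcpy(g_log + g_log_len, buf, len);
    g_log_len += len;
    return (int)len;                     /* bytes appended */
}

typedef int (*svc_fn)(plugin_t *, void *, size_t);

/* The "exact specification of the interface": one row per call, naming
 * the capability required and the handler. Nothing else is reachable. */
static const struct { uint32_t need; svc_fn fn; } services[] = {
    { CAP_READ_CONFIG, svc_read_config },   /* index 0 */
    { CAP_WRITE_LOG,   svc_write_log   },   /* index 1 */
};

/* The boundary crossing: check the call exists, check permission, then let
 * the handler validate its arguments before anything is touched. */
int host_call(plugin_t *p, unsigned idx, void *buf, size_t len) {
    if (idx >= sizeof services / sizeof services[0]) return CALL_EINVAL;
    if ((p->caps & services[idx].need) == 0) return CALL_EPERM;
    return services[idx].fn(p, buf, len);
}

/* Demos: a plugin granted only CAP_WRITE_LOG exercising the boundary. */
int demo_plugin_denied_config(void) {
    static unsigned char arena[64];
    plugin_t p = { "logger", CAP_WRITE_LOG, arena, sizeof arena };
    return host_call(&p, 0, arena, sizeof arena);      /* CALL_EPERM */
}
int demo_plugin_log_ok(void) {
    static unsigned char arena[64];
    plugin_t p = { "logger", CAP_WRITE_LOG, arena, sizeof arena };
    memcpy(arena, "hello", 5);
    return host_call(&p, 1, arena, 5);                 /* 5 */
}
int demo_plugin_bad_pointer(void) {
    static unsigned char arena[64];
    static char outside[8];                            /* host memory, not the arena */
    plugin_t p = { "logger", CAP_WRITE_LOG, arena, sizeof arena };
    return host_call(&p, 1, outside, sizeof outside);  /* CALL_EFAULT */
}
int demo_plugin_read_config(void) {
    static unsigned char arena[64];
    plugin_t p = { "reader", CAP_READ_CONFIG, arena, sizeof arena };
    return host_call(&p, 0, arena, sizeof arena);      /* 10: "verbose=1" + NUL */
}

int main(void) {
    printf("denied config: %d\n", demo_plugin_denied_config());
    printf("log ok:        %d\n", demo_plugin_log_ok());
    printf("bad pointer:   %d\n", demo_plugin_bad_pointer());
    printf("read config:   %d\n", demo_plugin_read_config());
    return 0;
}
```

Note what is still missing compared with a real user/kernel boundary: there is no hardware separation here, so a plugin in the same address space can simply bypass host_call() and read g_config directly. The table, capability mask and arena check are the bookkeeping the reply refers to; the context switch that makes them enforceable is exactly the expensive part that keeps this pattern at the kernel interface.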
There were a lot of good ideas in the iAPX432. Does anybody know if they
were actually used in any OS?