[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: emulating no-senders notifications in L4?

From: Thomas Bushnell, BSG
Subject: Re: emulating no-senders notifications in L4?
Date: 21 Dec 2001 15:45:08 -0800
User-agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7

Espen Skoglund <address@hidden> writes:

> [Thomas Bushnell]
> > Ondrej Hurt <address@hidden> writes:
> >>> And a task can not die violently since if it raises an exception
> >>> this exception is delivered to an exception handler thread which
> >>> can handle this situation.
> >> 
> >> The exception handler can get stuck itself somewhere and can ignore
> >> exception IPC forever.
> > Not a problem; we would just require that this exception handler be
> > a trusted entity.
> > For this to work, it must be impossible for an unprivileged task to
> > change its exception handler.  In Mach, anyone can change their own
> > exception handler; in the proposed L4 scheme, will that still be so?
> Yes.

In that case, there is a serious bug.  If a thread changes its
exception handler to an uncooperative program, and then dies with the
aid of that program, what will clean up its port rights?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]