[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Fwd: Re: The Perils of Pluggability

From: ness
Subject: Fwd: Re: The Perils of Pluggability
Date: Mon, 10 Oct 2005 21:24:49 +0200
User-agent: Mozilla Thunderbird 1.0.6 (X11/20050813)


On Sun, Oct 09, 2005 at 01:23:29PM -0400, Jonathan S. Shapiro wrote:

On Sun, 2005-10-09 at 10:14 +0200, ness wrote:

I guess one of the design goals of the Hurd is to NOT depend on the
implementation of a server. As far as I know, we don't want to ask "is
the implementation of this server trustible?" but ask "is the source
where I got this cap trustible?". We want to allow the user to replace
system components. To e.g. run a new task that uses a different proc
server. So the user says that to it's shell and the shell gives the
right cap to the newly created task. But marcus identified sth. like
your "identify" operation as necessary, AFAIK.

You mix up two things here (or me). Identify (or
cmp/map_lookup/whatever) says whether the cap a client passed to a
server was mapped by the server (in kernel-based caps). See

reply via email to

[Prev in Thread] Current Thread [Next in Thread]