
Re: [Gnu-arch-users] Re: arch roadmap 1 (and "what's tom up to")


From: Marcus Sundman
Subject: Re: [Gnu-arch-users] Re: arch roadmap 1 (and "what's tom up to")
Date: Thu, 8 Jul 2004 04:19:56 +0300
User-agent: KMail/1.6.2

> The VM-level stuff we're talking about is just the idea of building in
> additional protection at the VM-level in a form that resembled
> privilege levels on a real CPU --- just a flag that certain primitives
> can check to decide between running normally and signalling an error.

If you want a good base for different kinds of security I think the only 
solution (currently known to mankind) is to support capability-based 
security. You can build any kind of security system on top of capabilities, 
but you can't build capabilities on top of inherently insecure systems such 
as ACLs. (Capability-based security requires support for "unforgeable" 
pointers (or similar), though, which means that programs can't see all code 
as writable data.)


- Marcus Sundman
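
The two designs contrasted in this message, as an added example that is not part of the original thread: a privilege flag checked by a primitive, next to closure-based capabilities. All names (`flagWrite`, `flagService`, `makeCell`, `readOnly`, `capService`) are hypothetical, the data is constructed, and a JavaScript closure stands in for the "unforgeable" pointer a VM would provide.

```javascript
// Model 1: a privilege flag that primitives check (ambient authority).
const store = new Map();                 // constructed toy object store
let privileged = false;
function flagWrite(name, text) {
  if (!privileged) throw new Error("denied");
  store.set(name, store.get(name) + text);
}
// A trusted service raises the flag to do its own work, but the object
// name is chosen by the caller, so the caller borrows the service's
// privilege (the "confused deputy" problem).
function flagService(target, text) {
  privileged = true;
  try { flagWrite(target, text); } finally { privileged = false; }
}

// Model 2: capabilities. The state lives in a closure, so the only way
// to reach it is to hold a reference that was explicitly handed over.
function makeCell(initial) {
  let value = initial;
  return Object.freeze({
    read: () => value,
    append: (text) => { value += text; },
  });
}
// Attenuation: derive a weaker capability from a stronger one.
function readOnly(cell) {
  return Object.freeze({ read: cell.read });
}
// The service acts only on the reference it is given; it has no way to
// name an object the caller could not already reach.
function capService(cell, text) {
  cell.append(text);
}

function demo() {
  store.set("log", "").set("secrets", "k");
  flagService("secrets", "!");           // caller picked the wrong target
  const flagModelCorrupted = store.get("secrets") === "k!";

  const log = makeCell("");
  const secrets = makeCell("k");
  capService(log, "entry;");             // caller holds write access to log
  let attenuatedWrite = "allowed";
  try { capService(readOnly(secrets), "!"); }
  catch (e) { attenuatedWrite = "refused"; }
  return { flagModelCorrupted, log: log.read(),
           attenuatedWrite, secrets: secrets.read() };
}
```
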



