Re: capability interface for idl4

l4-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: capability interface for idl4

From:	Simon Nieuviarts
Subject:	Re: capability interface for idl4
Date:	Fri, 7 Oct 2005 16:23:41 +0200
User-agent:	KMail/1.8.2

Le Vendredi 7 Octobre 2005 15:32, Jonathan S. Shapiro a écrit :
> On Fri, 2005-10-07 at 13:05 +0200, Simon Nieuviarts wrote:
> > I don't know the typical probability of a logical gate to erroneously
> > flipping a bit.
>
> It depends on the wattage of the hair dryer you point at it.
>
> A paper was published two years ago investigating hairdryer-induced heat
> for the Java security model. The outcome is quite bad, and it appears to
> apply to runtime-based security in general. The bad part isn't the hair
> dryer. The bad part is that a single bit error is enough to compromise
> the entire runtime-based security model.
>
> Random particle hits generate single bit errors in your computer several
> times a year.

I hurts me to know that. Thanks for the info.

> > But I consider that if the the probability of such an hardware error
> > is higher than the probability of a false sparsity match, then relying on
> > this sparsity may be a right choice.
>
> Hopefully, my previous note will lead you to reconsider this.

It does. We do not need to add sources of insecurity.

Simon.

[Prev in Thread]

Current Thread

[Next in Thread]

Re: problems with hierarchy: L4 pagers, (continued)

Prev by Date: Re: capability interface for idl4
Next by Date: Re: Amoeba's approach to capabilities
Previous by thread: Re: capability interface for idl4
Next by thread: Re: capability interface for idl4
Index(es):
- Date
- Thread