[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: auth handshake and rendevouz objects
From: |
Marcus Brinkmann |
Subject: |
Re: auth handshake and rendevouz objects |
Date: |
Wed, 6 Nov 2002 01:02:57 +0100 |
User-agent: |
Mutt/1.4i |
On Tue, Nov 05, 2002 at 09:01:37PM +0100, Niels Möller wrote:
> * Unpredictable behaviour if a malicious task floods other threads
> with messages. I'm afraid that is a problem that's hard to solve,
> and which we should perhaps ignore for now. I think it's basically a
> resource limits and resource allocation problem. Sending a message
> should cost you some cpu-time in the scheduling algorithm, to
> compensate for the cputime it costs the receiver to check if you're
> authorized to talk to it.
You might want to check out EROS (extremely reliable operating system) that
is so paranoid that it doesn't do anything for you: If you want the kernel
to perform a job for you, you have to donate the CPU time for this.[1][2]
Thanks,
Marcus
[1] An interesting anecdote is that some time ago a bug was fixed: When you
did create a new thread without giving it some of your cpu time to run on,
the kernel would send an error message. Because generating an error message
consumes CPU time, this was a resource leak, a malicious user could generate
many threads without CPU time and thus waste CPU time of the system it didn't
provide itself. The bug was fixed: Now a thread that is created without CPU
time will not do anything, and nothing will happen (ie, no error message,
nothing). It just sits there.
[2] EROS is worth a look for other reasons, too, for example, it is
persistent.
Thanks,
Marcus
--
`Rhubarb is no Egyptian god.' GNU http://www.gnu.org address@hidden
Marcus Brinkmann The Hurd http://www.gnu.org/software/hurd/
address@hidden
http://www.marcus-brinkmann.de/
- Re: auth handshake and rendevouz objects, (continued)
- Re: auth handshake and rendevouz objects, Niels Möller, 2002/11/05
- Re: auth handshake and rendevouz objects, Marcus Brinkmann, 2002/11/05
- Re: auth handshake and rendevouz objects, Neal H. Walfield, 2002/11/05
- Re: auth handshake and rendevouz objects, Niels Möller, 2002/11/05
- Re: auth handshake and rendevouz objects, Neal H. Walfield, 2002/11/05
- Re: auth handshake and rendevouz objects, Niels Möller, 2002/11/06
- Re: auth handshake and rendevouz objects, Michal 'hramrach' Suchanek, 2002/11/11
- Re: auth handshake and rendevouz objects,
Marcus Brinkmann <=
- Re: auth handshake and rendevouz objects, Neal H. Walfield, 2002/11/05
- Re: auth handshake and rendevouz objects, Niels Möller, 2002/11/05
- auth handshake and rendevouz objects, Sunnanvind Fenderson, 2002/11/30
- Re: auth handshake and rendevouz objects, Marcus Brinkmann, 2002/11/30
- Re: auth handshake and rendevouz objects, Neal H. Walfield, 2002/11/05
Re: auth handshake and rendevouz objects, Neal H. Walfield, 2002/11/05