[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ANNOUNCE] Introducing Codezero
From: |
Sam Mason |
Subject: |
Re: [ANNOUNCE] Introducing Codezero |
Date: |
Tue, 28 Jul 2009 07:57:20 +0100 |
User-agent: |
Mutt/1.5.13 (2006-08-11) |
On Tue, Jul 28, 2009 at 08:37:36AM +0200, Bas Wijnen wrote:
> On Sun, Jul 26, 2009 at 01:53:29PM +0200, Bas Wijnen wrote:
> > The ability to contact a thread is one thing you need a capability for.
> > But to contact a thread with a certain request (and no other) is also
> > something capabilities should allow for. That is hard to implement
> > without kernel protection, AFAICS.
>
> I forgot to mention a feature that is not possible without kernel
> protection: encapsulation. If the server is responsible for its access
> control, it is impossible to forbid it to _receive_ messages from
> untrusted sources. If there is a program that is willing to listen, it
> can simply not do access control, and allow any request. That means
> that you never know if a program can communicate (in fact both incoming
> and outgoing) with other programs. AFAICS, the only solution to this is
> kernel support.
Strictly speaking, encapsulation of this kind is possible without kernel
support; just look at qemu or similar---run your untrusted code in a
system emulator and all is safe. The problem is doing this efficiently;
kernel support is required if you want to solve the problem with less of
a sledge hammer.
--
Sam http://samason.me.uk/
- Re: [ANNOUNCE] Introducing Codezero, (continued)
- Re: [ANNOUNCE] Introducing Codezero, olafBuddenhagen, 2009/07/10
- Re: [ANNOUNCE] Introducing Codezero, Bahadir Balban, 2009/07/13
- Re: [ANNOUNCE] Introducing Codezero, olafBuddenhagen, 2009/07/17
- Re: [ANNOUNCE] Introducing Codezero, Bahadir Balban, 2009/07/25
- Re: [ANNOUNCE] Introducing Codezero, Sam Mason, 2009/07/25
- Re: [ANNOUNCE] Introducing Codezero, Bas Wijnen, 2009/07/26
- Re: [ANNOUNCE] Introducing Codezero, Sam Mason, 2009/07/26
- Re: [ANNOUNCE] Introducing Codezero, Bas Wijnen, 2009/07/26
- Re: [ANNOUNCE] Introducing Codezero, Bas Wijnen, 2009/07/28
- Re: [ANNOUNCE] Introducing Codezero,
Sam Mason <=
- Re: [ANNOUNCE] Introducing Codezero, Bahadir Balban, 2009/07/29
- Re: [ANNOUNCE] Introducing Codezero, Bas Wijnen, 2009/07/29
- Re: [ANNOUNCE] Introducing Codezero, Bahadir Balban, 2009/07/29
- Re: [ANNOUNCE] Introducing Codezero, Sam Mason, 2009/07/29
- Re: [ANNOUNCE] Introducing Codezero, Jonathan Shapiro, 2009/07/29