Re: [dev] Lessons Learned from 30 Years of MINIX

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: <stanio_AT_cs.tu-berlin.de>
Date: Sun, 6 Mar 2016 16:39:50 +0100

* Anselm R Garbe 2016-03-06 15:56
> I agree, though this is not stricly a problem with monolithic approaches either.
> In the end you have to trust the process governor to limit the
> privileges of a process (or thread) to its specification/requirement.
> If the governor is only one SPOF (monolith) or if there are multiple
> forks of such a SPOF (microkernel) makes no big difference in the end.
> If the SPOF has a flaw, the flaw is everywhere, regardless the process
> model.

to my understanding, the governer (or whatever SPOF) is again yet
another problem. I agree that it has the same impact in both designs.

when you have as less as it gets in kernel space, however, you are
exposed to less vulnerabilities inherent to the (governed) code (running
user space), which the SPOF is not in control of.

cheers
--s
Received on Sun Mar 06 2016 - 16:39:50 CET

This archive was generated by hypermail 2.3.0 : Sun Mar 06 2016 - 16:48:10 CET