Subject: RE: vnd: improving support for compressed images
To: Wraukon the Excellent <wraukon@gmail.com>
From: De Zeurkous <zeurkous@nichten.info>
List: tech-kern
Date: 06/29/2007 21:09:03
Haai,

On Fri, June 29, 2007 20:45, Wraukon the Excellent wrote:
> On 6/29/07, De Zeurkous <zeurkous@nichten.info> wrote:
>> Haai,
>> On Fri, June 29, 2007 20:30, Wraukon the Excellent wrote:
>>>[snip]
>>
>> That can be partly solved by implementing a ``system land'', a secondary
>> (or rather, primary) process space where processes have direct access to
>> the kernel.
>>
>> Then again, common sense should do the trick.
>
> Common sense does not take malfeasance into account.

Hm, I guess my definition of ``common sense'' is a relatively uncommon
one. Apologies for the inclarity.

> If it's in uspace with direct access to a system resource, it's exploitable;
> if it's in uspace and constantly talking to a kspace "process", it might just
> as well be in kspace.

The uspace/kspace interface being a notable exception :^)

>
> Also, message passing is overrated.

I've never advocated for message passing -- I prefer stream-based data
passing instead.

> The failure of the GNU hurd kernel to materialise in the mainstream,

Then again, most GNU software is unbalanced as heck. It may just have been
above the GNU developers' abilities.

> as well as the bug-fraught first release of Windows NT,

Hm, never seen any release of Windoze NT (or any M$ release, for that
matter) that wasn't ``bug-fraught''.

> demonstrate this in a spectacularly dismal fashion.
>

Most microkernel designers seem to lack a feeling of balance. There should
be a solid (but not rigid) structure configurable in approximately the
same way as the kernel is now. In fact, I'm very hesitant to employ
kspace methods in building uspace d's. The latter is in my opinion the
principal failure of microkernel designs.

Back to the topic of security, the current UNIX security system
desperately needs an overhaul. Simple lusers and groups specified by a
sysadmin are not enough. It must be possible to both form groups of,
exchange allocated resources between, and (temporarily) split lusers
without admin intervention. The latter will eliminate many potential
security problems both in general and in the implementation of
microkernels.

Baai,

De Zeurkous
-----------

Friggin' Machines!