Re: Linux Kernel Security - Can it ever be 100%
On Sat, Dec 06, 2003 at 01:34:06PM +0100, Björn Lindström wrote:
> Tom <tb.31123.nospam@comcast.net> writes:
>
> > What the fuck are you talking about? I'm talking about privilege levels
> > between kernelspace and userspace, not this "community of people".
>
> It's all the same, maaan ... space out ... woah! ...
1. Apache can run in the Kernel now, on the theory that it knows what
its doing and won't fuck up. That's all I'm really saying.
2. Fixed function devices: just as we have cryptography coprocessors or
graphics coprocessors, it seems we could make any arbitrary server
process into a specialized device which would "do one thing and do it
well."
Usually this approach breaks down once you start to work with today's
generation of hardware, which is where the "whoa, pass me the bong hit"
stuff comes in. I'd just tear up everything and make the hardware guys
start over so we don't end up with "sucky ram, and great ram, but you
can't have much of it" :-)
Reply to: