[cap-talk] Restricted execution environments, virtual machines,
capabilities
Norman Hardy
norm at cap-lore.com
Fri Dec 10 12:57:29 EST 2004
On Dec 7, 2004, at 12:51 PM, Jed Donnelley wrote:
....
> Does anybody know if there's a commonly accepted name for such a
> facility? I spent some time looking at system calls for Unix (easier
> than
> Windows it seems to me) such as fork, clone, vfork, and execve, but
> I didn't find what I was looking for. clone seems to come closest, but
> I couldn't find a flag that would allow the cloning process adequate
> control over the cloned process. Presumably there's a way to do this
> as I would think wine would need such a facility. The wine
> documentation
> seems to suggest that it uses "clone", but I don't see how. Does
> anybody
> have any experience in this area and might be able to point me in the
> right
> direction? I can probably get such information from a wine list if
> need
> be.
>
The original restricted execution environment is "problem mode" in
the two state machine.
See <http://cap-lore.com/CapTheory/TwoState.html> for a short note on
the connection.
There are many ideas to by transported once this analogy is made.
>
More information about the cap-talk
mailing list