[cap-talk] Avoid overconfidence (was: Any hope in RSA 2008?)
Bill Frantz
frantz at pwpconsult.com
Sat Apr 5 13:09:47 CDT 2008
erights at gmail.com (Mark Miller) on Saturday, April 5, 2008 wrote:
>The other interesting data point is the KeyKOS line of operating
>systems. The KeyKOS kernel may very well be the most robustly secure
>general purpose operating system kernel to be deployed commercially.
>(I would be interested to see if anyone can offer counter-examples.)
>However, Eric Northup did find a minor security bug in the KeyKOS
>kernel design many years later. Shap and Charlie are of course working
>towards even more carefully constructed successors, with Shap hoping
>for a machine-checked proof of the Coyotos kernel implementation.
Can someone describe Eric's attack, or point to a description?
For other highly robust OSs, I would look to the telephone
switches, the Plessey 250 (a capability OS), and the Bell ESS
series for example.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | gets() remains as a monument | Periwinkle
(408)356-8506 | to C's continuing support of | 16345 Englewood Ave
www.pwpconsult.com | buffer overruns. | Los Gatos, CA 95032