[cap-talk] Why aren't safer OS being used
David-Sarah Hopwood
david-sarah at jacaranda.org
Tue Sep 29 17:53:59 PDT 2009
Toby Murray wrote:
> 2009/9/29 Rob Meijer <capibara at xs4all.nl>
>> On Tue, September 29, 2009 10:09, Toby Murray wrote:
>>
>>> I think a more constructive debate would be this:
>>>
>>> "Given an object-capability microkernel like seL4, how would you build
>>> a desktop environment on top that was as backwards-compatible as
>>> possible?"
>>
>> Not breaking backward compatibility means not getting rid of:
>> * implicitly shared mutable state.
>> * ambient authority.
>
> Not necessarily true. Read up on Plash's packaging system.
> http://plash.beasts.org/wiki/PackageSystem

I don't see anything there that would contradict Rob Meijer's assertion
above, since Plash and its packaging system are neither fully
backward compatible with software as it is currently packaged, nor do
they get rid of all implicitly shared mutable state or all ambient
authority. Whether they get rid of enough is an open question.

In fact Plash is a pretty good example of what Rob suggested:

  [allow] developers to target both the old and the new (secure) system
  from one source tree, allowing for FORWARD compatibility of new
  software for the old system.

--
David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com