[EROS-Arch] Re: [Cap-Talk] Re: On the other hand (process tool restriction)
Jonathan S. Shapiro
shap@eros-os.org
Tue, 7 Nov 2000 01:33:18 -0500
This is really an EROS architecture discussion, and probably belongs on
eros-arch. I'm replying to eros-arch momentarily.
----- Original Message -----
From: "Charles Landau" <clandau@macslab.com>
To: <norm@cap-lore.com>
Cc: <cap-talk@eros-os.org>
Sent: Monday, November 06, 2000 4:48 PM
Subject: [Cap-Talk] Re: On the other hand (process tool restriction)
> Norman Hardy wrote:
>
> > >We had a parallel discussion about this in context of the process
> > >tool, and concluded at that time that the process tool itself did
> > >not require protection.
> >
> > What we called the domain tool was somewhat restricted. Once I wrote a
> > program that intermediated keys just as would a program that exported
> > capabilities over a network. The system crashed when it tried to
> > intermediate the domain tool, which I had not realised was accessible to
> > the program that I was testing. I recall realizing what had gone wrong and
> > that it was a fixable bug in the 370 kernel. I think that the bug was not
> > fixed and I don't remember what the problem was now. I recall that it was
> > evident in the crash.
> >
> > I do not know of any reason to restrict the domain tool once the kernel is
> > fixed.
>
> I've argued at <http://www.macslab.com/charlies/NoDC.html> that the domain/process
> creator is unwise, which implies that the domain/process tool should be restricted
> to the space bank.