[EROS-Arch] Package handling...
Pascal J. Bourguignon
pjb@imaginet.fr
Wed, 28 Mar 2001 21:19:47 +0200 (CEST)
Bill Frantz wrote:
> At 8:44 AM -0800 3/28/01, Joerg Bornschein wrote:
> >Each individual constructor uses reference counting.
>
> How does the reference count get decremented if someone zaps the space bank
> used to build the object instead of using the destroy call?
>
> Reference counting introduces a big covert channel.
Similar to the inodes in unix. A capability to read an object would be
bigger "hole" than that to read the metadata of the object (stat for
inodes). Therefore it would be enough to ensure that the metadata of
an object cannot be read by those who don't have a read capability on
the object. Then a reference count can be introduced without being a
covert channel (as well as other properties (metadata) of the objects,
such as dates, size, etc).
--
__Pascal_Bourguignon__ (o_ Software patents are endangering
() ASCII ribbon against html email //\ the computer industry all around
/\ and Microsoft attachments. V_/ the world http://lpf.ai.mit.edu/
1962:DO20I=1.100 2001:my($f)=`fortune`; http://petition.eurolinux.org/