Sean Lynch <[email protected]> writes:

>I'm not talking about raw size or complexity here; obviously having lots of
>features and support for lots of devices means high complexity, but it doesn't
>require that all that complexity run with full system privileges.

XKCD is, as usual, most apropos here:

https://www.xkcd.com/1200/

A huge amount of embedded stuff doesn't even have a kernel mode, because it's irrelevant (or, if the hardware does actually support two different modes, everything is run in the highest-priv'd mode). Either the system is robust/secure/reliable or it isn't; whether there's a kernel/user split is irrelevant.

Peter.
