On Wed, 2005-10-26 at 11:06 +0200, Bas Wijnen wrote: > No, not as alternative. Programs which need a POSIX box to run should still > be allowed to use all the cool Hurd features directly.
This would be very very pleasant. Unfortunately, it is very difficult to achieve. The difficulty comes when you allow the insecure subsystem to access things like your local files, which you want to protect. > Everything should be considered untrusted, except the trusted code base, which > is needed to make that assumption work (the kernel, physmem, etc.) The TCB > should be as small as possible. Exactly right. _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
