On Tue, Sep 22, 2009 at 3:38 PM, <[email protected]> wrote: > Hi, > > On Wed, Sep 16, 2009 at 03:31:18PM +1000, William Leslie wrote: > > > Even for some time before Coyotos was no longer actively developed, it > > was effectively abandoned by the primary architects of the hurd, due > > to its support of the so-called non-trivial confinement. > > This is grossly oversimplyfied IMHO. While I wouldn't say that it is > factually wrong, it is sure to cause serious misunderstanding. > > It's not only that Coyotos can support non-trivial confinement. The real > problem is that its whole design relies and is optimized for this > feature; which makes it effectively impossible to create any different > system on top of it...
This is not correct. It is true that the Coyotos *system* considers encapsulation of data to be a fundamental requirement. If you cannot tell where data can go, you cannot determine the scope and consequences of errors. For this reason, the Coyotos *system* constructs confined subsystems as a default. However, the Coyotos *kernel* does not embed this assumption. It is perfectly possible to build other *systems* on top of the Coyotos *kernel*. Given that l4-hurd is trying to be something very different from Coyotos, it was never really my expectation that l4-hurd would end up using much of the Coyotos *system*. The Coyotos kernel remains a fairly high-performance alternative, I am not aware of any l4-hurd goal that it fails to support, and I am not aware of any l4-hurd anti-goal that it imposes. So if Coyotos was abandoned for the reasons you suggest, then it was abandoned for the wrong reasons.
