On Sun, Nov 10, 2013 at 8:06 PM, Matthias Schniedermeyer <m...@citd.de> wrote:
> I don't see a way around "borders" (Papers please), otherwise you can't
> reject things you don't want, you have to check if that something that
> is to be done is allowed. For e.g. you would get around every
> permission-check, because the code you called is allowed to do
> everything.

You're right actually. Proper linking solves the issue for "good people", but I can't think of a not-dirty way for preventing bad calls from "bad people". I may get back here if I do find a solution.

> And your driver model sounds more like a micro-kernel
> http://en.wikipedia.org/wiki/Microkernel
> In the sense that a driver is more like a privileged process.

That is true. I understood that but I thought better not mention microkernels, just to avoid any reaction given "the history"! I guess I would have appreciated it if Linux was a microkernel or a hybrid, given how f*ing hard it is to find a bug in someone else's kernel module that just hangs the kernel.