Some quick thoughts on this subject regarding x86 architecture:
- I think we need to define better the term segment, because you also have
selectors in case of flat mode
- secondly you can provide some protection mechanism using not only rings
but also memory pages and descriptor check, page dire
While preparing a lecture for my OS class, I stumbled on this essay by
Peter Neumann: http://www.multicians.org/pgn-motherhood.html
This is advice very much worth heeding, more than 35 years later. I
think very few people remember this paper, which of course is one point
it made: "We don't read. V
On Mon, 03 Apr 2006 09:02:27 -0700, Crispin Cowan <[EMAIL PROTECTED]>
wrote:
>
> Of particular and critical interest at this juncture is segmented
> memory. Graybeards love segmented memory, and modern Linux kidz hate
> segmented memory. A close friend has observed to me that 100% of A1
> evaluat
Crispin Cowan wrote:
Of particular and critical interest at this juncture is segmented
memory. Graybeards love segmented memory, and modern Linux kidz hate
segmented memory. A close friend has observed to me that 100% of A1
evaluated operating systems (both of them :) used segmented memory. In
st
My comments are interleaved below:
Crispin Cowan writes:
>
>
>PGN cites many of the things that Multics did right and history did not
>follow. Most of these issues are sufficiently entrenched in legacy
>hardware and software that there is little chance to change them any
>time soon.
>
>Of partic
> So, if we hope to have a truly high security operating system in our
> lifetimes, then one of several things will have to happen:
> * [...]
> * [...]
> * Someone develops a security kernel that effectively fakes
> segmentation in software using conventional pages, *and* they
>
Or consider the IBM Mainframe and z/OS Operating Systems - protected memory and
paging
together - also privileged programs vs. application programs, also prefetched
programs vs
loaded on demand programs.
Mike Hines
Mainframe Systems Programmer
---
Michael S Hin
At 9:02 AM -0700 4/3/06, Crispin Cowan wrote:
> That second question is actually pretty technically deep. What is so
> different about paged memory systems that makes them harder to secure
> than segmented memory systems? My conjecture: it is the granularity of
> the memory blobs. Consider:
>
>
PGN cites many of the things that Multics did right and history did not
follow. Most of these issues are sufficiently entrenched in legacy
hardware and software that there is little chance to change them any
time soon.
Of particular and critical interest at this juncture is segmented
memory. Grayb