> Don't you just love ascii art with irregular fonts? ;o)
[Jonathan Dickinson] 
Hmm... I wrote it in plain text. Make sure your mail client is set up to use
a monospace font for plain or unformatted text...

> 
> I'm not sure if there's a consensus on this, there might have been
> discussion on this before I joined the SharpOS effort, but the way I
> see it the OS would have something like a micro kernel and all drivers
> would be somewhat akin to applications.
> All the drivers and all secure applications would run in SIPs
> (software isolated processes) meaning that they all run in ring 0 of
> the kernel (most privileged level) but because they're all compiled
> and verified by the compiler we can make the assumption that they're
> all safe.
> Of course since the compiler is far from perfect at the moment we might
> want to actually put everything in hardware isolated processes until
> we actually get the compiler to be relatively bug free ;)
> But it would put drivers, apis and applications more or less in the
> same layer..
> The rights of applications (visible), devices/daemons (invisible
> background workers) and drivers would obviously differ though...
> Actually within these groups there would be additional differences in
> rights...
[Jonathan Dickinson] 
If you look on the wiki I wrote some stuff there. I did some more thinking
about it and came up with this:

CAS (Code access security: which we should all know) defines what an ASSEMBLY
is allowed to execute (e.g. one coming off the web can only access isolated
storage).

Certain CAS rights should be 'impersonated' (for want of a better word) from
the user. 

The thing should be a stack with an aggregate of everything at the top.

> 
> On Nov 9, 2007 12:20 PM, Jonathan Chayce Dickinson
> <[EMAIL PROTECTED]> wrote:
> > [...]
> > Kernel
> > System
> > Unification
> > Application
> >
> > Each only able to access the one directly below it. In a classical
> > filesystem this would relate to:
> >
> > K: /Assembly/Kernel/image.bin : Needs WriteKernel privilege enforced in U
> > S: /Assembly/System/*         : Needs WriteSystem privilege enforced in U
> > U: /Assembly/Unification/*    : Needs WriteUnification privilege
> > A: /Assembly/Application/*    : Needs Install privilege
> > A: /Programs/*                : Needs Install privilege
> 
> We'd also need some sort of "can execute binary machine code" rights
> too (basically only the compiler would have that right), and the right
> to set & modify (certain) rights..
> 
> I think it's really important to design the whole rights
> infrastructure in such a way that everything is always transparent,
> that it's impossible to do things secretly, or execute an
> application/background worker etc. without the user having the ability
> to shut it down when he has to.
> I really really really hate spam, adware and virii, and if we can, we
> should make it impossible to be installed on someone's computer,
> unless it was done manually by the user him/herself.. and if he/she
> did then it should be trivial for the user to remove it afterwards.
> 
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems?  Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> SharpOS-Developers mailing list
> SharpOS-Developers@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sharpos-developers
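To make the rights model discussed in this thread concrete, here is an added example (written for this page, not SharpOS code) that models the write rules from the quoted filesystem layout, CAS grants with rights impersonated from the user, a compiler-only right to emit machine code, and an audit log so that no decision happens secretly. The sample principals, the right names other than those in the thread, and the handling of paths no rule covers are assumptions.

```python
from dataclasses import dataclass
# Write rules from the quoted filesystem layout: path prefix -> privilege
# needed to write there (longest matching prefix wins). Constructed table.
WRITE_RULES = [
    ("/Assembly/Kernel/image.bin", "WriteKernel"),
    ("/Assembly/System/",          "WriteSystem"),
    ("/Assembly/Unification/",     "WriteUnification"),
    ("/Assembly/Application/",     "Install"),
    ("/Programs/",                 "Install"),
]
AUDIT_LOG: list = []  # every decision is recorded, so nothing happens secretly

@dataclass(frozen=True)
class Assembly:
    name: str
    cas_grants: frozenset   # rights the code itself holds (CAS)
    impersonate: frozenset  # rights it may borrow from the current user

@dataclass(frozen=True)
class User:
    name: str
    rights: frozenset

def required_privilege(path: str):
    # Privilege needed to write `path`, or None when no rule covers it.
    hits = [(p, priv) for p, priv in WRITE_RULES if path.startswith(p)]
    return max(hits, key=lambda h: len(h[0]))[1] if hits else None

def effective_rights(asm: Assembly, user: User) -> frozenset:
    # The assembly's own CAS grants plus the user rights it may impersonate.
    return asm.cas_grants | (asm.impersonate & user.rights)

def may_write(asm: Assembly, user: User, path: str) -> bool:
    needed = required_privilege(path)
    # Assumption: a path no rule covers needs no listed privilege.
    ok = needed is None or needed in effective_rights(asm, user)
    AUDIT_LOG.append(f"{user.name}/{asm.name} write {path} needs {needed}: {'ok' if ok else 'DENIED'}")
    return ok

def may_emit_native(asm: Assembly) -> bool:
    # Only code granted ExecuteNative (meant for the compiler alone) may emit machine code.
    ok = "ExecuteNative" in asm.cas_grants
    AUDIT_LOG.append(f"{asm.name} emit native code: {'ok' if ok else 'DENIED'}")
    return ok

# Constructed principals: web code gets isolated storage only but may borrow Install from a user holding it.
WEB_INSTALLER = Assembly("web-installer", frozenset({"IsolatedStorage"}), frozenset({"Install"}))
COMPILER = Assembly("compiler", frozenset({"ExecuteNative", "WriteUnification"}), frozenset())
ALICE, GUEST = User("alice", frozenset({"Install"})), User("guest", frozenset())
```

Running `may_write(WEB_INSTALLER, ALICE, "/Programs/foo.exe")` succeeds only because alice holds Install and the installer may impersonate it; the same call as guest is denied and leaves a DENIED entry in `AUDIT_LOG`.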

