Path: euryale.cc.adfa.oz.au!olive.mil.adfa.oz.au!navmat.navy.gov.au!posgate.acis.com.au!warrane.connect.com.au!news.syd.connect.com.au!news.mel.connect.com.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.cis.okstate.edu!news.ksu.ksu.edu!lazrus.cca.rockwell.com!cacd.rockwell.com!newsrelay.iastate.edu!vixen.cso.uiuc.edu!ux7.cso.uiuc.edu!pswanson
From: pswanson@ux7.cso.uiuc.edu (swanson paul dennis)
Newsgroups: comp.os.msdos.misc,comp.os.ms-windows.win95.misc,comp.os.ms-windows.nt.misc,comp.os.mach,comp.os.ms-windows,comp.os.ms-windows.advocacy,comp.os.misc,comp.os.magic-cap,comp.os.lynx,comp.os.linux.misc,comp.os.linux,comp.os.386bsd.development
Subject: Re: *** PLEASE TAKE THIS OS SURVEY ***
Followup-To: comp.os.msdos.misc,comp.os.ms-windows.win95.misc,comp.os.ms-windows.nt.misc,comp.os.mach,comp.os.ms-windows,comp.os.ms-windows.advocacy,comp.os.misc,comp.os.magic-cap,comp.os.lynx,comp.os.linux.misc,comp.os.linux,comp.os.386bsd.development
Date: 15 Feb 1996 16:14:58 GMT
Organization: University of Illinois at Urbana
Lines: 28
Message-ID: <4fvm62$qtm@vixen.cso.uiuc.edu>
References: <Pine.D-G.3.91.960124225044.20914C-100000-100000@erc.cat.syr.edu> <4eu2n6$bvu@rubens.telebyte.nl> <4fflmt$jh3@c4.hrz.uni-giessen.de> <jdb-0902961555260001@dock.tiac.net> <3121A7FE.7646@hub.geo.se>
NNTP-Posting-Host: ux7.cso.uiuc.edu
X-Newsreader: TIN [version 1.2 PL2]
Xref: euryale.cc.adfa.oz.au comp.os.msdos.misc:48485 comp.os.ms-windows.win95.misc:103900 comp.os.ms-windows.nt.misc:91180 comp.os.mach:5043 comp.os.ms-windows.advocacy:111076 comp.os.misc:4706 comp.os.magic-cap:1490 comp.os.lynx:1699 comp.os.linux.misc:86821 comp.os.386bsd.development:3354

Martin Nisshagen (martin@hub.geo.se) wrote:
: Jim Bailey wrote:
: > This is silly. What about OS privileged apps like drivers, monitors and
: > such? Those can be written by third parties. What if the driver crashes
: > because a non-privileged application calling it did something really
: > odd? Sure you can blame the driver software for not being robust enough
: > but it isn't the OS that did it. And the reality is that drivers need to
: > be extremely efficient, guaranteeing that some API holes are going to
: > exist. There is no such thing as a perfectly memory protected system. It
: > can't be done in the real world.

: It can be done. You can design a true microkernel OS that runs all device
: drivers in user mode.

: I think the display drivers and graphics lib in NT are running in usermode,
: but I'm not 100% sure if that's correct. Other drivers (scsi, network etc) do
: run in kernel mode which also makes NT vulnerable to faulty drivers.

Even if drivers don't run in kernel mode, they still must have I/O
privileges, which makes the machine vulnerable. Albeit less vulnerable
than with kernel privileges. Of course in some systems, you can limit the
I/O accesses as well, but then what about turning interrupts off?

--
Paul Swanson USACERL Research Asst. pswanson@uiuc.edu ACM@UIUC Sigops chair Lover of Chopin and TMBG GCS/T