[coyotos-dev] Thoughts on (non)persistence
Norman Hardy
norm at cap-lore.com
Thu Jan 27 01:07:31 EST 2005
On Jan 26, 2005, at 6:12 PM, David Hopwood wrote:
> Eric Northup wrote:
..........
> Most security flaws in existing systems are in code that is outside
> the kernels of those systems, but that is nevertheless relied on by
> users.
>
> Removing orthogonal persistence does not reduce overall system
> complexity;
> on the contrary, the overall complexity is increased. It does not
> reduce the
> size of the TCB that users actually rely on. The goal should be to
> maximize
> confidence in the security of a whole system, not the kernel in
> isolation.
>
>> We may eventually be able to add persistence back to the kernel. If
>> we
>> succeed in verifying a non-persistent kernel, that would be a time to
>> consider adding persistence. We have been careful not to make any
>> changes to the design that would preclude persistence.
>
> If we intend to support orthogonal persistence, then the *easiest* way
> to
> do that is to design it in from the beginning. Whether it is part of
> the
> kernel or not is a secondary issue.
>
> --
> David Hopwood <david.nospam.hopwood at blueyonder.co.uk>
>
> _______________________________________________
> coyotos-dev mailing list
> coyotos-dev at coyotos.org
> http://www.coyotos.org/mailman/listinfo/coyotos-dev
>
>
Norm Hardy: <http://cap-lore.com>
Nothing has an uglier look to us than reason, when it is not on our
side.
Lord Halifax
More information about the coyotos-dev
mailing list