Am Donnerstag 18 Dezember 2008 09:06:15 schrieb olafbuddenha...@gmx.net: > > (by the way: having a user process which manages a non-restricted > > buffer should give almost the same advantages as giving memory > > directly to the server, but without the drawbacks. And it should be > > painless, since you'll most likely access the system process through a > > library anyway, and the library can handle the buffering) > > No idea what you are talking about...
I talk about teh case where a hardware-critical part is being accessed and the operation would need much memory (like transmitting a very large file over the network without having to do it in smaller parts on the programs side). In that case a system server could run out of memory (or would need a high amount of memory available to it). This could be avoided very simply, though, by setting up a buffering server with user permissions which makes sure that the hardware critical part only gets the data in small chunks, while no other user process has to worry about that buffer. The memory for buffering would then be provided by the user, but the hardware critical part (sending machine code to the network card) would be controlled by root, so no user but root can shoot down a network card. > Actually, I don't think that all people on this list know about remote > attestation... OTOH, it was really only a reply to Michal -- I don't > think there are many others reading this (sub)thread anymore :-) :) It's been interesting to me, though. Thanks for participating! Best wishes, Arne -- -- My stuff: http://draketo.de - stories, songs, poems, programs and stuff :) -- Infinite Hands: http://infinite-hands.draketo.de - singing a part of the history of free software. -- Ein Würfel System: http://1w6.org - einfach saubere (Rollenspiel-) Regeln. -- PGP/GnuPG: http://draketo.de/inhalt/ich/pubkey.txt
signature.asc
Description: This is a digitally signed message part.