Hello,
I'm an amateur//hobbyist programmer who is very interested capability operating
systems. I have just found this project and have started reading the
documentation. I have some questions regarding the "Interfaces and Mechanisms"
document- sorry if these have already been asked (if so just point me to where
I can already find the answers).
1- Is there anyway that a child can be endowed with any extra capabilities to
server services at creation by its parent? Or is it always the case that the
child always has to be first created without any extra capabilities and only
after it is created then can it gain external caps by requesting a service by
way of its parent?
2- In the documentation it says that the parent of a server is given the
root_capability to any services announced by the child and this cap is intended
to be used and kept by the parent only.
Is this cap actually copyable and transferrable?
And does it really matter if the parent gives this cap away?
This last question may seem really dumb since it goes against the whole point
of having an acylic tree of parent to children nodes to facilitate reasoning
about the TCB, however, if you haven't actually stopped the parent from been
able to give it away shouldn't you assume that it will give it away?
3- The documentation mentions the use of unix file permissions. Are access
control lists and file permissions to be planned/implemented in the file
servers within the genode project? If they are, it is there a possibility for a
confused deputies to arise since the clients request services by using
serive_name and arg strings instead of capabilities?
>From what I naively understand about capability based OSes is that you either
>have to provide a persistent state mechanism or an ACL like regime to be able
>to recreate the capability network at power-up after shut-down/crash-recovery.
>Is it possible for a system to be built using genode framework which is
>orthognally persistent and thus drop the use of ACL's?
Lastly, I think there is a very slight mistake in the "Interfaces and
Mechanisms" document in the "Servers" section towards the very end in the
sentence "The session capability, created by Child1 (4), can now be passed to
Child1 as return value of nested session calls (5, 6).": shouldn't the second
mention of "Child1" actually be "Parent2"?)
This looks like a very interesting project with fantasic potential! Thanks for
creating it!
Thanks you
Ross McGinnis
_________________________________________________________________
Looking for a place to rent, share or buy this winter? Find your next place
with Ninemsn property
http://a.ninemsn.com.au/b.aspx?URL=http%3A%2F%2Fninemsn%2Edomain%2Ecom%2Eau%2F%3Fs%5Fcid%3DFDMedia%3ANineMSN%5FHotmail%5FTagline&_t=774152450&_r=Domain_tagline&_m=EXT
------------------------------------------------------------------------------
OpenSolaris 2009.06 is a cutting edge operating system for enterprises
looking to deploy the next generation of Solaris that includes the latest
innovations from Sun and the OpenSource community. Download a copy and
enjoy capabilities such as Networking, Storage and Virtualization.
Go to: http://p.sf.net/sfu/opensolaris-get
_______________________________________________
Genode-main mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/genode-main
