On 8/23/12, Jiří Zárevúcky <[email protected]> wrote:
> Hello everyone.
>
> As I've already told some of you, I'd like to work on HelenOS for my
> bachelor's thesis. The area I selected is the VFS subsystem. I'd like
> to improve/rethink the way HelenOS deals with filesystems based on
> some ideas I've been holding in my head for a while and also taking
> into consideration some other advanced operating systems.
>
> I've put together the ideas I'm working with into a single document,
> so that everyone can review them and help me shape it in the best
> possible way. Right now, the first two pages summarize at a high level
> the basic concepts that I intend my work to follow. After that, more
> details follow, though only very little information is present now (I
> intend to fully document the design of the whole thing as I work on
> it).
>
> https://docs.google.com/document/d/1eyGKosfkYHky3CHLM9O3UzI3CWoruls5IW3MddkQyF4/view
>
> Unless someone points out some massive problem with the way I'm
> heading, I shall research the current VFS in depth and then start
> either incrementally implementing parts of my proposal or writing a new VFS
> server from scratch, depending on which approach I find most suitable
> for what I have in mind.

Hi, I'm not really involved in HelenOS at all, just my thoughts on the approach.

It's interesting in that you seem to have come to some of the same ideas found in capability systems (e.g. the lack of filesystem permissions, that having merely access to a file grants the permission to do something with it), but maintain the use of filenames, which would seem to open the door to ambient authority[1] and the confused deputy problem[2] which capabilities were invented to fix.

Capability systems in general tend to do away with filesystems altogether, as much discussed in many threads, e.g. 'Explicit Persistence Considered Harmful'[3], but it would be good to consider how your VFS reacts to the confused deputy problem, in particular when a program serves 2 masters.

[1] http://en.wikipedia.org/wiki/Ambient_authority
[2] http://en.wikipedia.org/wiki/Confused_deputy_problem
[3] http://www.coyotos.org/pipermail/coyotos-dev/2008-August/001654.html
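
The confused deputy concern raised in the reply above, as an added example that is not part of the original message and is not HelenOS code: a toy in-memory VFS in which a service resolves a client-supplied filename with its own authority, next to the variant where the client passes a handle it opened itself. All names (`ToyVFS`, `Deputy`, the paths and principals) are hypothetical and constructed for illustration.

```python
# Constructed toy model: the VFS, principals and paths are hypothetical.
class Handle:
    """Unforgeable reference to one file; holding it is the permission."""
    def __init__(self, store, name):
        self._store, self._name = store, name
    def write(self, data):
        self._store[self._name] = data

class ToyVFS:
    def __init__(self):
        self.files, self.acl = {}, {}  # name -> contents, name -> principals
    def create(self, name, owners):
        self.files[name] = ""
        self.acl[name] = set(owners)
    def open(self, principal, name):
        # Name lookup is checked against whoever is *calling* open().
        if principal not in self.acl.get(name, ()):
            raise PermissionError(f"{principal} may not open {name}")
        return Handle(self.files, name)

class Deputy:
    """A service with its own files that also writes output for clients."""
    def __init__(self, vfs):
        self.vfs = vfs
    def run_by_name(self, out_name, result):
        # Ambient authority: the name is resolved with the deputy's rights,
        # so the client's choice of name borrows the deputy's access.
        self.vfs.open("deputy", out_name).write(result)
    def run_by_handle(self, out_handle, result):
        # Designation and authority travel together in the handle.
        out_handle.write(result)

def demo():
    vfs = ToyVFS()
    vfs.create("/deputy/billing.log", owners={"deputy"})
    vfs.create("/home/client/out.txt", owners={"client", "deputy"})
    deputy = Deputy(vfs)
    # Client names the deputy's own file; the by-name path overwrites it.
    deputy.run_by_name("/deputy/billing.log", "client data")
    clobbered = vfs.files["/deputy/billing.log"] == "client data"
    # The client cannot obtain a handle to that file, so it cannot pass one.
    try:
        vfs.open("client", "/deputy/billing.log")
        blocked = False
    except PermissionError:
        blocked = True
    deputy.run_by_handle(vfs.open("client", "/home/client/out.txt"), "client data")
    return clobbered, blocked, vfs.files["/home/client/out.txt"]
```
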
