On Mon, Nov 13, 2006 at 09:30:23PM +0100, Tom Bachmann wrote:
> Richard Braun wrote:
> > [...] First you suggest using drivers
> > in userspace, isolated from the kernel (that's the "don't trust drivers"
> > part). [...]
> >
> > From my point of view, I don't see a way to reliably achieve the first
> > part, as hardware devices can be considered as most privileged entities,
> > potentially giving less privileged entities (device drivers) access to
> > most privileged data.

Well, sorry, I did say it, but the first part is actually more than just userspace drivers, it's also the application of system policies by the kernel, which I don't think is completely feasible (userspace drivers are a way to achieve such policy for address spaces, but there are other privileged resources to control).

-- 
Richard Braun
_______________________________________________
L4-hurd mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/l4-hurd
