NetNews Offline 2

home *** CD-ROM | disk | FTP | other *** search

/ NetNews Offline 2 / NetNews Offline Volume 2.iso / news / comp / sys / amiga / misc-part1 / 2894 < prev next >

Wrap

Internet Message Format | 1996-08-05 | 3.5 KB

Path: news.rhrz.uni-bonn.de!zeus!fasten From: fasten@zeus.informatik.uni-bonn.de (Bernhard Fastenrath) Newsgroups: comp.sys.amiga.misc Subject: Re: OS features Date: 24 Jan 1996 20:35:57 GMT Organization: Universit"at Bonn, Informatik Abt. II, R"omerstr. 164, 53117 Bonn Message-ID: <4e657d$2db@news.rhrz.uni-bonn.de> References: <4aj1tc$39r@candelo.dpie.gov.au> <13213430@sourcery.han.de> <wfblanDL60p0.D0y@netcom.com> <1058.6591T492T1743@cycor.ca> <DLnqBB.DuD@focus-systems.on.ca> <4e442t$4ve@serpens.rhein.de> NNTP-Posting-Host: zeus.informatik.uni-bonn.de X-Newsreader: TIN [version 1.2 PL2] Michael van Elst (mlelstv@serpens.rhein.de) wrote: : wayne@focus-systems.on.ca (Wayne Fisher) writes: <...> : > - new programs' code and data would be protected from access by another : > process unless explicitly allowed by the program. : Kills close to all system functions. You had to write a completely new : AmigaOS. Maybe not. Let's say (as you suggested earlier) that some subsystems (e.g. Intuition) have the permission to read and write any memory region. Intuition functions would have to check if the pointers received from process A point into A's memory and, of course, if they are consistent and don't corrupt Intuition's internal data when used (That's a good piece of work for the programmers and for Intuition at runtime but I guess it's possible). Programs which want to browse internal data structures of Intuition are either given permission or fail. <...> : >"much more"? I don't think a few percentages is "much more". : You forget that memory protection is nothing if you cannot protect : the system from invalid parameters to system functions. Most system : functions however use shared data structures. How about this: Write access to a data structure shared between a process and Intutition marks the data structure as dirty and Intuition has to perform consistency checks again before using it. : The whole concept of device drivers had to be changed. : BOOPSI is dead. : System hooks are dead. Device drivers would have to be a subsystem with the license to kill (read/write everything). System hooks would be restricted to programs which were given special permission. : >It : >just means that you can't pass pointers between processes and the : >machine becomes more stable. : Unfortunately most parameters are passed by pointers. You do have : to change everything. Old programs could use one address space and pass pointers as much as they want to. Maybe if A calls PutMsg() it gives the receiving process B the permission to read/write its memory. New programs could also use PutMsg() but they'd allocate the message from a special pool and the other task receives only read/write permission for this pool. The private memory of new programs wouldn't have to be in the global address space. Another difference between old and new programs could be that the memory of old programs must not be swapped while new programs can decide for each of their pools if it has MEMF_SWAP set or not. Bernhard PS.: #define MEMF_PUBLIC 0 -- _|_|_|_|_|_|_|_|_|_|_|_|_|_|_///_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_| _| Bernhard Fastenrath /// http://titan.cs.bonn.edu/~fasten/ : _| _| fasten@cs.bonn.edu \\\/// - XWorkbench 0.2 (Amiga Workbench for X11) _| _| fasten@shw.com \XX/ - Ext2 filesystem 0.5b for AmigaDOS, 0.3 _| _|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_|_| Hi, I'm not a signature virus. Why don't you just copy me into your signature?