[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Re: Re: emulating no-senders notifications in L4?

From: Volkmar Uhlig
Subject: RE: Re: Re: emulating no-senders notifications in L4?
Date: Thu, 27 Dec 2001 20:16:39 +0100

> -----Original Message-----
> From: Ondrej Hurt [mailto:address@hidden 
> Sent: Thursday, December 27, 2001 6:51 PM
> The application has the right to trash itself but it should not harm
> the rest of the system. In the case of unreliable fault detection, it
> is not only the app who will suffer because it can lock resources in
> other apps, it can hold references to misc stuff forbiding its
> deletion (leaving it 'busy'), it consumes task slot etc.

But that is only a question of a policy your system servers implement. 
Any process can lock resources and never free it. In certain cases that
can be automatically detected in other cases that is impossible. The
question here is how you detect, whether an application is malicious or
just plain stupid. And this is where you have to set your line. 

Even if you would have external exception handler with all the UNIX
bells and whistles it is still possible to attack your system in a
similar way -- eating resources. And if that is possible, then there is
absolutely no point to put the bells and whistles into the micro-kernel
which is intended to be micro (read: minimal).

- Volkmar

reply via email to

[Prev in Thread] Current Thread [Next in Thread]