[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Restricted storage

From: Michal Suchanek
Subject: Re: Restricted storage
Date: Thu, 1 Jun 2006 21:33:40 +0200

On 5/29/06, Pierre THIERRY <address@hidden> wrote:

In general, some capabilities typically given by the constructor need
only to be read-only, for example the TCB ones, like to the
meta-constructor and the constructor. Though in some virtualization
cases, they also should be unreadable. (Jonathan, I think I'm starting
to understand why you think that disclosure should not be the default)

I don't see why there has to be always a capability that is provided
by the constructor. It breaks flexibility (and possibly
virtualization). The TCB capabilities can be provided by the requestor
if there is no capability that the constructor is supposed to protect.

How does virtualization require any capabilities to be unreadable?



reply via email to

[Prev in Thread] Current Thread [Next in Thread]