by smosher_
3962 days ago
In case anyone is wondering which project this is: The concrete contribution of the research report here is the design and implementation of a fully compartmentalized operating system, MINIX 3. To properly isolate faults, we have removed all drivers from the kernel and run them as separate, unprivileged user-mode processes, protected by the MMU hardware. Since all servers also run in user mode in our design, only a tiny microkernel that does not contain any foreign, untrusted code is left in kernel mode. Each component has only the minimum privileges it needs in order to prevent failures from spreading. In our design, driver failures are no longer fatal and do not require rebooting the computer.