DragonFly users List (threaded) for 2007-01
[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]

Re: write news article about virtual kernel

From:	Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx>
Date:	Tue, 30 Jan 2007 10:50:47 -0800 (PST)

:That's what I was saying: It's a debugging tool to develop a driver,
:and once it's "done", it can just be loaded into the host kernel
:instead of the virtual kernel. If that virtual kernel is there for the
:express purpose of hosting drivers and not untrusted processes and
:users, then security isn't any worse than keeping it in the host
:kernel. Maybe it's even more secure if a buggy driver which could have
:taken over the kernel will instead only take over the virtual kernel,
:or (more likely) fail entirely and get a segfault. It has practical
:uses if the use-case of sandboxing processes is kept well separate
:from sandboxing drivers, but yes, it does have to be implemented well
:to be useful at all even for debugging.
:
:---
:Dmitri Nikulin

    I think it would be useful too, but I also think someone else
    will have to take up the ball on implementing it.  I've done the
    hardest part... making the vkernel work in the first place.  Now
    hopefully those with an interest in expanding it will start 
    working on it :-)

						-Matt

References:
- write news article about virtual kernel
  - From: "Jeremy C. Reed" <reed@reedmedia.net>
- Re: write news article about virtual kernel
  - From: Matthew Dillon <dillon@apollo.backplane.com>
- Re: write news article about virtual kernel
  - From: "Dmitri Nikulin" <dnikulin@gmail.com>
- Re: write news article about virtual kernel
  - From: Matthew Dillon <dillon@apollo.backplane.com>
- Re: write news article about virtual kernel
  - From: "Dmitri Nikulin" <dnikulin@gmail.com>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index][Thread Index]