Originally posted by TheMightyBuzzard
"SandBox Mode" Proposed For The Linux Kernel To Improve Memory Safety
Originally posted by bug77
Security-conscious users may be willing to accept more than half a percent overhead. Sure, it will be heavier than Rust's compile-time checks, but hey, you've got to work with what you have.
- Likes 1
-
At first read, it sounds like it could be a viable thing to retrofit onto drivers, which are both the least well-tested and most numerous parts of a kernel, as well as having a fairly well-defined API to interact with and serve as an encapsulation boundary.
- Likes 2
-
Originally posted by ayumu
Microkernel, multiserver, capability-centric is the better design. We've known this for a while.
No, Linux can't "evolve" into such a system, the spaghetti call graph mess that it is, with millions of LoCs now.
It would have to be rewritten and there are systems that are further along with a correct design (e.g. genode).
Perhaps funding sources should recognize this and re-focus their efforts appropriately. Stop wasting money and developer time in a system architecture that's known to be a dead end.
Last edited by Volta; 14 February 2024, 07:31 PM.
- Likes 1
-
Sounds like:
We don't want C++ but we create sandboxes, isolated guard pages and an architecture-independent infrastructure, a whole new API which elevates our memory safety potential and allows us to recover from protection violations.
... and let them sit and Rust.
- Likes 1
-
Originally posted by Britoid
Which is why nearly every Android device has to ship with a fork of it...
Last edited by Volta; 16 February 2024, 03:09 AM.
- Likes 2