[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Capability Authentication
From: |
olafBuddenhagen |
Subject: |
Re: Capability Authentication |
Date: |
Thu, 20 Oct 2005 02:31:20 +0200 |
User-agent: |
Mutt/1.5.9i |
Hi,
> For example, process instantiaton (spawn or fork) requires many
> capability copies even in our current plans. Creating new processes
> is an important operation in the EROS operating system to enforce
> confinement policies.
I see a flaw in this reasoning: If you start more processes due to a
finer grained design -- which is probably a Good Thing (TM) -- then the
individuall processes do less, so you need only few capabilities for
each one... We'd need to make the rest of the process startup *very*
efficient, to make it matter even for a "hello world" process. (Would be
desirable, but I doubt it is achievable.)
I still can't think of any realistic scenario, where capability passing
would be so common as to make a few hundred clock cycles per operation
really relevant. Of course, that doesn't mean none exist...
-antrik-
- Re: The Perils of Pluggability, (continued)
- Re: Capability Authentication, Marcus Völp, 2005/10/13
- Re: Capability Authentication, Marcus Brinkmann, 2005/10/14
- Re: Capability Authentication, Marcus Völp, 2005/10/17
- Re: Capability Authentication, Marcus Brinkmann, 2005/10/17
- Re: Capability Authentication, olafBuddenhagen, 2005/10/18
- Re: Capability Authentication, Marcus Brinkmann, 2005/10/18
- Re: Capability Authentication,
olafBuddenhagen <=
- Re: Capability Authentication, Marcus Brinkmann, 2005/10/20
- Re: Capability Authentication, Jonathan S. Shapiro, 2005/10/21
- Re: Capability Authentication, Marcus Brinkmann, 2005/10/25
- Re: Capability Authentication, Jonathan S. Shapiro, 2005/10/25