>The one challenge with using
>them, though, is that it completely guts your hope of being POSIX.1
>compatible. For example, the open() system call must now take a new
>argument, which is the capability. So does unlink(), and rename(), and
>bind(), and accept().....
Actually, *these* system calls aren't the problem, as most of them take file
descriptors, which are capabilities.
The question comes down to: do you want to facilitate secure collaboration, or
do you want to run POSIX apps. Pick one, because you cannot do both.
>On the flip side, the lack of compatibility means that lose all of the
>Unix utilities (the GNU suite of utilities, the X window system, etc.).
It's surprising how well a compatibility box works. The truth is that most of
your day to day environment can stay in POSIX without much of a problem.
Especially when your compatibility box is about the same speed as the real POSIX
system.
Jonathan S. Shapiro, Ph. D.
IBM T.J. Watson Research Center
Email: shapj@us.ibm.com
Phone: +1 914 784 7085 (Tieline: 863)
Fax: +1 914 784 7595
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/