[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: another take on hackers and painters
> The difference between this work and Matthew's is, I believe, that
> Matthew is interested in providing not just the API of the operating
> system, but also the protections between processes. His research goal
> is to figure out how to provide those protections, but still allowing
> multiple processes to share data directly, without having to use
> something like RPC or RMI.
Coincidentally, I was reading "A Security Kernel Based on the Lambda-Calculus
(1996)" by Jonathan Rees yesterday.
It includes interface to hardware (including controlling robots) and strong
protection properties including capability-confinement. The "sharing of data"
part is just about as direct and intuitive as a Scheme-head could ever wish --
it is by having variables in a shared scope, or by passing variables as
arguments to function invocation.