| “Yeah, but …” |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| • | No
user can interrupt it while it is running |
|||||||||||||||||
| • | Windows,
Linux routinely interrupt system calls |
|||||||||||||||||
| • | No
user can feed it data to make it |
|||||||||||||||||
| – | violate
access control policies |
|||||||||||||||||
| – | stop
serving other users |
|||||||||||||||||
| • | No
user can replace or alter any system call code |
|||||||||||||||||
| • | Except
your average virus |
|||||||||||||||||
| • | No
user can add functionality to the OS! |
|||||||||||||||||
| • | Except
dynamically loaded device drivers |
|||||||||||||||||
| • | Data
must NEVER be treated as code! |
|||||||||||||||||
| • | “One
man’s code is another man’s data” A. Perlis |
|||||||||||||||||
