Linked by Thom Holwerda on Mon 21st Nov 2011 11:25 UTC, submitted by moondevil
OSNews, Generic OSes You all know MINIX - a microkernel operating system project led by Andrew Tanenbaum. The French Linux magazine has an interview with Andrew Tanenbaum about MINIX' current state and future. There's some interesting stuff in there.
Thread beginning with comment 497852
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Comment by peteo
by Alfman on Mon 21st Nov 2011 21:36 UTC in reply to "RE: Comment by peteo"
Member since:


"Consider the main sources of vulnerabilities in the desktop world, and you will find the JRE, Adobe Reader, Flash Player, and Internet Explorer near the top of the list. All of these software are interpreters, dealing with a form of managed code (Java, PDF, SWF, HTML, CSS, and Javascript in these examples)."

Well, to be fair, these are all internet facing technologies which have been tasked with running arbitrary untrusted code. Non network facing tools, such as GCC, bison, libtool, etc could also have vulnerabilities (such as stack/heap overflows), but these are far less consequential because these tools aren't automatically run from the internet.

An apples to apples comparison would have web pages serve up C++ code to be compiled with G++ and then executed. In this light the security of JRE, JS, flash all come out far ahead of GCC because it has no defensive mechanisms at all.

I think highly optimized managed languages would do very well in an OS. Even if there are some exploits caused by running untrusted code, it's not like a responsible admin should go around injecting untrusted code into their kernel.

There are other reasons a managed kernel would be nice, I know we've talked about it before.

Reply Parent Score: 2