With "dangerous code" I meant : code which *could beWe dont need 2 kernels like today.The kernel is even more privileged than the X server
All "dangerous code" should be in kernel.
dangerous code there is counterproductive. Security
comes about through
intelligent design decisions, compartmentalisation,
security critical code segments and the like. If you
merely put shit in
a different bucket you still have a bad smell.
potentially dangerous* like accessing directly the
That code should be only in the kernel.