Actually, UDI opens up some interesting possibilities for *increasing*
system security in the light of untrusted drivers. The UDI APIs are
designed so that an OS could, if it chose to, run a driver in its own
private address space, thereby preventing core kernel corruption from
stray pointers or deliberate misuse, in much the way user applications
are prevented from corrupting the kernel (though not necessarily with
the same overhead cost).
Presumably, such an OS would provide a way to configure the level of
trust on a per-driver (or even device) basis.
-----------------------------------------------------------------------
Kurt Gollhardt email: kdg@sco.com voice: +1 908 790 2277
SCO Core OS Architect Murray Hill, NJ fax: +1 908 790 2426
-----------------------------------------------------------------------
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/