AH> Screw the warrenties, oh great Penguin!
AH> Did I forget that this holds for all NCITS committee stuff?
AH> Please do not reply, but think.
I did think a while but am still replying.
So it appears that it's not possible to come up with a protecting OS unless
_all drivers that access fragile hardware_ are completely in the kernel and no
side channel (IDE ioctls, scsi generic, io port access etc) is accessible to
userspace and boot media (boot block, kernel, modules) is _write-protected_
(better do it physically).
Doing only some protection will not help since there are other channels left.
Doing all of it is nonsense in 99.9% of todays computers.
The only result that I found out is that the hardware that can be destoryed by
software is not ready for todays world. It should be fixed to not allow
self-destruction (like most monitors are fixed to defend from out-of-range
frequencies). I see no other feasible solutions.
-- Meelis Roos (mroos@linux.ee)- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Jul 31 2000 - 21:00:16 EST