OT: Can We Make OSes Reliable and Secure

Christopher Browne cbbrowne-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Fri Jun 2 19:11:34 UTC 2006


On 6/2/06, Sy Ali <sy1234-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org> wrote:
> I personally would be willing to take a mere 10% hit on performance
> (however _that_ is defined.. heh) for "stability".  I'd be willing to
> take 50% or more to be able to better manage and trust my computer.

Jails are something which generally doesn't even have that cost...

There is some cost in terms of additional memory consumption; a few MB
per jail.  But they still get to share libraries, binaries, and cache
with the applications in other jails (or that aren't jailed) so that
the cost is really pretty minimal.

And this approach is, whether with explicit common mechanism or not,
one which has been getting increasingly used on Unix-like systems.
These days, hardly anyone runs Sendmail, with its "monolith" of
various aspects of instability.  They run Postfix or qmail, which,
without any special extra "jail" frameworks, run as much of the MTA
process under plain ordinary user contexts as possible.

And contrary to the "rules of thumb" about microkernel vs monolithic
kernel, the "split out" mailers tend to provide *higher* performance
than their monolithic brethren.

This isn't virtualization, which does tend to be expensive...
-- 
http://www3.sympatico.ca/cbbrowne/linux.html
Oddly enough, this is completely standard behaviour for shells. This
is a roundabout way of saying `don't use combined chains of `&&'s and
`||'s unless you think Gödel's theorem is for sissies'.