Talk:Processors

From eLinux.org
Revision as of 23:07, 13 June 2007 by DavidCary (Talk | contribs) ("buggy executable", "trusted")

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Is it true that the the Linux security permissions system relies on the MMU? -- DavidCary

It depends on what you mean by "security permissions". The file system permissions are enforced by the file system. Any process operating through normal system calls will be unable to open files for which is does not have appropriate security.

However, security between processes is NOT enforced via memory protection, since there is no memory management unit. Any process can access the memory areas of the kernel or any other process. Thus it is not wise to run untrusted code on an MMU-less system. --TimBird

So any buggy executable can bypass the normal system calls, delete files, and crash the entire system.

But a buggy shell script or Java app will stay confined to its own compartment by the file system permissions (unless the shell or the JVM is a buggy executable).

p.s.: I'm starting to hear a lot of programmers use the term "trusted". And what they mean by it is not what I (or, I suspect, you) mean by it.

--DavidCary 02:07, 14 June 2007 (EEST)