Small codebase as a prerequisite for security
Sean Lynch <[email protected]> writes:
>I'm not talking about raw size or complexity here; obviously having lots of
>features and support for lots of devices means high complexity, but it doesn't
>require that all that complexity run with full system privileges.
XKCD is, as usual, most apropos here:
https://www.xkcd.com/1200/
A huge amount of embedded stuff doesn't even have a kernel mode, because it's
irrelevant (or, if the hardware does actually support two different modes,
everything is run in the highest-priv'd mode). Either the system is
robust/secure/reliable or it isn't; whether there's a kernel/user split is
irrelevant.
Peter.