Sealing OS Processes to Improve Dependability and Safety
Click here to download now
Overview: In most modern operating systems, a process is a hardware-protected abstraction for isolating code and data. This protection, however, is selective. Many common mechanisms - dynamic code loading, run-time code generation, shared memory, and intrusive system APIs - make the barrier between processes very permeable. In this paper it is argued that this traditional open process architecture exacerbates the dependability and security weaknesses of modern systems.