OSDev.org

AlexExtreme wrote:

nekros wrote:as stable as possible in ring 0. The idea behind singularity I think.

Have you actually read anything about how Singularity works?

I did not mean it in the sense that the OS is based on Singularity. I just thought that it was *somewhat* like it.

nekros wrote:No, It doesn't matter if there is network services for ring 0. From a virus point of view the user can choose which one to use. I'd pick non-virus.

I still don't get it. When you say that "the user can choose," are you saying one of the following:
- That the user can set whether all the userspace programs should run in ring 0/3 (easy but inflexible)
- That the user/OS can decide which individual programs should run in ring 0/3 (complicated and unreliable)
- That the program developer decides if a program should run in ring 0/3 (downright stupid when dealing with virus developers )

And again, I would really suggest deciding 1 ring for all the userspace programs to run in.

There are types of applications, ring 0 and ring 3. A ring 0 program will not run in ring 3. All of this will be encoded into the executable. No virus will run automatically. A user would have to choose to run the virus. When a program requests a mode switch it automatically kills itself and all other processes in the current ring. A virus cannot switch modes and then run in ring 0, it would kill itself.

nekros wrote:I did not mean it in the sense that the OS is based on Singularity. I just thought that it was *somewhat* like it.

Well it's not. What Singularity does can only be done with managed code, it can verify the code at start time to make sure it doesn't do anything it shouldn't.

Let me introduce myself. My name is Mallory, and I want to take over your system to turn it into a spambot.

*evillaughter*

nekros wrote:There are types of applications, ring 0 and ring 3. A ring 0 program will not run in ring 3. All of this will be encoded into the executable.

Good. My program will be running in ring 0.

No virus will run automatically. A user would have to choose to run the virus.

No problemo. I could make my program look like the latest update to application X. Or I could use a buffer overflow in your web browser to have it choose to run my code.

Or I could simply attach my code to an e-mail claiming it will show you Anna Kournikova naked.

All of this has worked millions of times in the past, why should the users of your OS be any smarter?

When a program requests a mode switch it automatically kills itself and all other processes in the current ring.

Heh, fun!

That means that I could forget all about writing my code to run in ring 0, I just write it in ring 3, request a mode switch, and kill all other processes in the current ring, i.e. kill all your userspace...

</mallory>

Sorry, but this doesn't seem to be well thought-out. Or I am seriously misunderstanding things.

Don't worry this is just the beginning! Thanks for pointing out some of the problems, I'll be working on that today.

EDIT: The OS is still being thought out. It'll be a couple days until the next part and revision.

Maybe I'll quite with ring 3 and have internet browser run in a virtual machine...

Now the newer version without ring 3.

Rename to .pdf

please read it.

Hi I'm mallory's twin brother colin. Actually I'm just a while(1) loop that can silently lock up your whole computer .

On a serious note your goals are still contradictory. You have a crash proof OS where the programs are capable of doing anything to each other with impunity. What would prevent a program from just overwriting the pagetables of another program? How can you force programs to use your kernel-level provisioned protection when they will have the same privilege levels as the kernel itself?

Ok, I forgot to take that out, not crash proof.

I think that I'll change my design to the typical monolithic kernel with device drivers and preemptive multitasking. The reason I chose this design is because it was simple, but nobody wants an OS that is open to crashing and viruses.