Outline for December 8, 2006

Reading: §15.2, 15.4

  1. Greetings and felicitations!
    1. Puzzle of the day
    2. Volunteer for course evaluations
  2. Capabilities
    1. Capability-based addressing
    2. Inheritance of C-Lists
    3. Revocation: use of a global descriptor table
  3. Privilege in Languages
    1. Nesting program units
    2. Temporary upgrading of privileges
  4. MULTICS ring mechanism
    1. MULTICS rings: used for both data and procedures; rights are REWA
    2. (b1, b2) access bracket—can access freely; (b3, b4) call bracket—can call segment through gate; so if a's access bracket is (32,35) and its call bracket is (36,39), then assuming permission mode (REWA) allows access, a procedure in:
      rings 0–31: can access a, but ring-crossing fault occurs
      rings 32–35: can access a, no ring-crossing fault
      rings 36–39: can access a, provided a valid gate is used as an entry point
      rings 40–63: cannot access a
    3. If the procedure is accessing a data segment d, no call bracket allowed; given the above, assuming permission mode (REWA) allows access, a procedure in:
      rings 0–32: can access d
      rings 33–35: can access d, but cannot write to it (W or A)
      rings 36–63: cannot access d

You can also obtain a PDF version of this. Version of December 8, 2006 at 7:15 AM