Warning: mysqli::__construct(): (HY000/1203): User howardkn already has more than 'max_user_connections' active connections in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\includes\artfuncs.php on line 21
Failed to connect to MySQL: (1203) User howardkn already has more than 'max_user_connections' active connections
Warning: mysqli::query(): Couldn't fetch mysqli in D:\Inetpub\vhosts\howardknight.net\al.howardknight.net\index.php on line 66
Article <usg40i$1udfo$3@dont-email.me>
Deutsch   English   Français   Italiano  
<usg40i$1udfo$3@dont-email.me>

View for Bookmarking (what is this?)
Look up another Usenet article

Path: ...!eternal-september.org!feeder3.eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: Lawrence D'Oliveiro <ldo@nz.invalid>
Newsgroups: comp.arch
Subject: Capabilities, Anybody?
Date: Fri, 8 Mar 2024 22:38:11 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 16
Message-ID: <usg40i$1udfo$3@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Fri, 8 Mar 2024 22:38:11 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="d5f167ea8e6b66fd37103ff38661b22f";
	logging-data="2045432"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX18ltQm6ZitfYWfTxENjFWjp"
User-Agent: Pan/0.155 (Kherson; fc5a80b8)
Cancel-Lock: sha1:ETPC/pGcpN5gslWo0EHpdnR4Wz8=
Bytes: 1760

“Capabilities” are an old idea for doing memory protection by storing the 
access rights in unforgeable descriptors that are given to authorized 
processes. This way, there is no need for the traditional unprivileged-
versus-privileged-processor-mode concept; process A can have privileged 
access to memory region X but not Y, while process B can have privileged 
access to memory region Y but not X, so neither is “more” privileged than 
the other: each one is trusted with just a limited set of privileged 
functions.

The idea fell out of use because of performance issues. But in these more 
security-conscious times, the overhead seems more and more like a 
reasonable price to pay for the greater control it offers. There is a 
project called CHERI, whose concepts have been implemented in Arm’s 
“Morello” chip.

<https://www.theregister.com/2022/07/26/cheri_computer_runs_kde/>