Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!iuvax!rutgers!psuvax1!schwartz@shire.cs.psu.edu From: schwartz@shire.cs.psu.edu (Scott Schwartz) Newsgroups: comp.unix.wizards Subject: Multics (was Re: getcwd() and friends.) Message-ID: <4525@psuvax1.cs.psu.edu> Date: 30 Apr 89 23:52:32 GMT References: <3675@ficc.uu.net> <14689@rpp386.Dallas.TX.US> <16758@mimsy.UUCP> <144@titania.warwick.ac.uk> <824@necisa.necisa.oz> <4523@psuvax1.cs.psu.edu> <892@twwells.uucp> Sender: news@psuvax1.cs.psu.edu Reply-To: schwartz@shire.cs.psu.edu (Scott Schwartz) Organization: Pennsylvania State University, Computer Science Lines: 31 In-reply-to: bill@twwells.uucp (T. William Wells) In article <892@twwells.uucp>, bill@twwells (T. William Wells) writes: >In article <4523@psuvax1.cs.psu.edu> schwartz@shire.cs.psu.edu (Scott Schwartz) writes: >: I think we need a good dose of Multics: Reading the time should be >: equivalent to accessing an object in virtual memory. In fact, the >: whole operating system system should behave like that, filesystem, >: system calls, and so on. > >Ack, NO! All we need is one rogue pointer and almost ANYTHING can >happen! > >That notion is attractive, but the separation produced by having >system calls means that a much smaller class of errors is likely to >do random things to your operating environment. No, no, no. Multics had an amazing protection scheme! System calls are implemented as special places in privliged rings that you are allowed to branch to. Touch anything else, and the system returns an access violation. The point is that the memory management system takes care of making sure users are playing by the rules, so that you don't need to do a context switch as such, possible via an expensive processor trap. Think of it this way: in Unix the filesystem has a more general protection scheme than does the vm system; you can indicate who (user,group,other) has access to what files, and for what operatons. Multics has general access control lists. So at the worst, ignoring all the good stuff that Multics could do for you, you reduce to Unix. By the way, are there any Multics sites still in operation out there? -- Scott Schwartz