CITS2002 Systems Programming  
next CITS2002 CITS2002 schedule  

Users and their Operating System representation

Traditionally, an operating system positions itself directly between running processes and the hardware, and only permits information about the hardware, and software's queries and requests to pass through the kernel.

System calls are (supposed to be) the only mechanism by which processes may interact with the operating system and the resources it is protecting and managing (i.e. a process may not randomly read nor write the memory of the kernel, or of another process, itself).

Unix has adopted the approach that processes are the only active entities on a system (i.e. devices are passive). Processes act on the behalf of users, while accessing resources in a controlled fashion.

If these two approaches have been successful, we can study the basic security aspects of an operating system by examining:

  • the state of processes at runtime,
  • how a process's state may be changed,
  • how a process represents a user,
  • the mechanisms used to protect resources.

 


CITS2002 Systems Programming, Lecture 22, p1, 15th October 2019.