Is it true that the Linux security permissions system relies on the MMU? -- DavidCary
It depends on what you mean by "security permissions". The file system permissions are enforced by the file system. Any process operating through normal system calls will be unable to open files for which it does not have appropriate security.
However, security between processes is NOT enforced via memory protection, since there is no memory management unit. Any process can access the memory areas of the kernel or any other process. Thus it is not wise to run untrusted code on an MMU-less system. --TimBird
So any buggy executable can bypass the normal system calls, delete files, and crash the entire system.
But a buggy shell script or Java app will stay confined to its own compartment by the file system permissions (unless the shell or the JVM is a buggy executable).
p.s.: I'm starting to hear a lot of programmers use the term "trusted". And what they mean by it is not what I (or, I suspect, you) mean by it.
- "The Fallacy of Trusted Client Software" by Bruce Schneier, Information Security Magazine, August 2000
- "Trusted search software labels fraud site as safe" ... "Such incorrect classifications create a false sense of security"
- a user that cannot be ... trusted. ... Bob must assumed to be hostile, not just naive.
- "Trusted Computing: Promise and Risk" by Seth Schoen. "... trusted computing ... remains controversial. Some of the controversy is based on misconceptions ..."
--DavidCary 02:07, 14 June 2007 (EEST)