From owner-freebsd-security Fri Nov 9 4:19:26 2001 Delivered-To: freebsd-security@freebsd.org Received: from atkielski.com (atkielski.com [161.58.232.69]) by hub.freebsd.org (Postfix) with ESMTP id 1E07537B421 for ; Fri, 9 Nov 2001 04:19:18 -0800 (PST) Received: from contactdish (ASt-Lambert-101-2-1-14.abo.wanadoo.fr [193.251.59.14]) by atkielski.com (8.11.6) id fA9CIUZ93395; Fri, 9 Nov 2001 13:18:30 +0100 (CET) Message-ID: <01b301c16918$be1763a0$0a00000a@atkielski.com> From: "Anthony Atkielski" To: Subject: FreeBSD and i386 VM hardware Date: Fri, 9 Nov 2001 13:19:06 +0100 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4522.1200 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org To what extent does FreeBSD actually use all the fancy virtual-memory features of latter-day i386 processors? As I recall (it has been several years since I looked into it), the Intel microprocessors provide some very elaborate features for management of virtual memory, I/O operations, and security, allowing total hardware isolation of untrusted processes. How much of this is used by FreeBSD? I know that UNIX is supposed to isolate users from each other, but how much of this is done in hardware, and how much of it is simulated in software? Very tight security usually requires a lot of interdependency between the hardware and the OS, and since UNIX is supposed to be a multiplatform OS, I'm wondering how much hardware support for security is actually used by the system. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message