Protection with capabilities

Capabilities are less common in normal OS kernels.

  • Though there are some good examples.

Example: open file descriptors.

  • Applications’ processes indirectly manipulate (open) files through file descriptors kept by the OS kernel.

    • File descriptors are referenced using integer indexes (aka file descriptors for simplicity…).

    • The OS kernel has full control over the contents of open file descriptors.

  • Access to open file descriptors can only be granted to other processes through the OS kernel.

    • Not really a usual operation, but possible!

  • Changes in the protection of files do not impact existing open file descriptors.

    • The access rights are evaluated and memorized when the file is opened.
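
The behaviour described above, as an added example that is not part of the original notes: a descriptor keeps working after the file's protection changes, keeps its memorized read-only mode, and is granted to a second process through the kernel (SCM_RIGHTS over a Unix socket). It assumes a POSIX system and Python 3.9+; the temporary file and its contents are constructed for the demonstration.

```python
import errno, os, socket, tempfile

def fd_capability_demo():
    """POSIX-only: show an open fd behaving as a kernel-held capability."""
    seen = {}
    tmp_fd, path = tempfile.mkstemp()        # constructed sample file
    os.write(tmp_fd, b"secret")
    os.close(tmp_fd)

    fd = os.open(path, os.O_RDONLY)          # access rights evaluated here
    os.chmod(path, 0)                        # protection changes afterwards
    seen["read_after_chmod"] = os.pread(fd, 6, 0)
    try:                                     # a fresh open is checked again
        os.close(os.open(path, os.O_RDONLY))
        seen["reopen"] = "allowed"           # expected only for root
    except PermissionError:
        seen["reopen"] = "denied"
    try:                                     # the memorized mode is read-only
        os.write(fd, b"x")
        seen["write"] = "allowed"
    except OSError as exc:
        seen["write"] = errno.errorcode[exc.errno]

    # Grant the descriptor to another process through the kernel (SCM_RIGHTS).
    ours, theirs = socket.socketpair(socket.AF_UNIX, socket.SOCK_STREAM)
    pid = os.fork()
    if pid == 0:                             # child: the receiving process
        try:
            ours.close()
            os.close(fd)                     # discard the fork-inherited copy
            _, fds, _, _ = socket.recv_fds(theirs, 1, 1)
            theirs.sendall(os.pread(fds[0], 6, 0))
        finally:
            os._exit(0)
    theirs.close()
    socket.send_fds(ours, [b"."], [fd])
    seen["child_read"] = ours.recv(6)
    os.waitpid(pid, 0)
    ours.close()
    os.close(fd)
    os.unlink(path)
    return seen

if __name__ == "__main__":
    print(fd_capability_demo())
```

When auditing a privilege-dropping service, the same effect means descriptors opened before the drop stay usable afterwards, so they need to be closed or accounted for explicitly.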
