:PROPERTIES:
:ID: 0c4119ab-0af8-4977-b114-7071884c1ad7
:CREATED: [2026-03-30 Mon 21:16]
:EDITED: [2026-04-07 Tue 13:42]
:END:
#+TITLE: CLOSOS: Language-Based Protection Mechanisms
#+DATE: 2026-03-22
#+FILETAGS: :architecture:lisp:os:closos:security:

* Concept
Security in a Lisp OS is enforced by the compiler and runtime environment rather than by traditional hardware MMU (Memory Management Unit) boundaries.

* Key Principles
- *Controlled Access System:* The system is "closed" by the compiler. Only code produced by the trusted compiler—which excludes arbitrary pointer arithmetic and includes bounds checking—is allowed to execute in supervisor mode.
- *Tagged Pointers:* Objects are manipulated via tagged pointers. Access rights (read/write/execute) can be embedded directly into the tag bits of the pointer itself.
- *Capabilities:* Pointers function as capabilities. Possession of a pointer to an object implies the authority to interact with it according to the embedded access tags.

* Source
:PROPERTIES:
:ID: 9c69a9ab-1c96-490e-9a8e-fbeafacba30e
:END:
- [[attachment:strandh-lispos.pdf][Robert Strandh, "CLOSOS: Specification of a Lisp operating system" (2013)]]
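* Worked model of tagged-pointer capabilities
The following is an added illustration of the Key Principles above, not code from CLOSOS or from Strandh's specification: a capability is modelled as one machine word whose upper bits hold an 8-byte-aligned object address and whose low three bits carry the R/W/X access tag, and every load/store goes through the check the trusted compiler would emit (right present in the tag, index inside the object's length header). The object layout, the 3-bit tag encoding and the sample object are assumptions made for the model.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Model, not CLOSOS code: one word = 8-byte-aligned address | 3 tag bits (R/W/X).
 * Objects are uint64_t arrays: word 0 is the length, words 1..n are the data. */
enum { CAP_R = 1, CAP_W = 2, CAP_X = 4, CAP_TAG_MASK = 7 };
typedef uintptr_t cap_t;

static cap_t cap_make(uint64_t *obj, unsigned rights) {
    return (cap_t)obj | (rights & CAP_TAG_MASK);   /* obj must be 8-byte aligned */
}
static uint64_t *cap_addr(cap_t c) { return (uint64_t *)(c & ~(cap_t)CAP_TAG_MASK); }
static unsigned  cap_rights(cap_t c) { return (unsigned)(c & CAP_TAG_MASK); }

/* Rights can only be removed when a capability is passed on, never added back. */
static cap_t cap_restrict(cap_t c, unsigned keep) {
    return cap_make(cap_addr(c), cap_rights(c) & keep);
}

/* Checked access: refused (-1) unless the tag grants the right and the index is
 * inside the object's length header; 0 on success. */
static int cap_load(cap_t c, size_t i, uint64_t *out) {
    uint64_t *obj = cap_addr(c);
    if (!(cap_rights(c) & CAP_R) || i >= obj[0]) return -1;
    *out = obj[1 + i];
    return 0;
}
static int cap_store(cap_t c, size_t i, uint64_t v) {
    uint64_t *obj = cap_addr(c);
    if (!(cap_rights(c) & CAP_W) || i >= obj[0]) return -1;
    obj[1 + i] = v;
    return 0;
}
/* Loaded word, or UINT64_MAX when the access was refused. */
static uint64_t cap_peek(cap_t c, size_t i) {
    uint64_t v;
    return cap_load(c, i, &v) == 0 ? v : UINT64_MAX;
}

/* Constructed sample object: length 3, data 10, 20, 30. */
static uint64_t sample_obj[4] = {3, 10, 20, 30};

int main(void) {
    cap_t rw = cap_make(sample_obj, CAP_R | CAP_W);
    cap_t ro = cap_restrict(rw, CAP_R);                      /* read-only view */
    printf("rw store[1] -> %d\n", cap_store(rw, 1, 99));     /* 0: allowed */
    printf("ro store[1] -> %d\n", cap_store(ro, 1, 7));      /* -1: tag lacks W */
    printf("ro load[1]  -> %llu\n", (unsigned long long)cap_peek(ro, 1));   /* 99 */
    printf("rw load[3]  -> %llu\n", (unsigned long long)cap_peek(rw, 3));   /* out of bounds */
    return 0;
}
```

Because the rights live in the pointer word itself, a callee that receives the read-only view has no way to recover the write right; the only way to widen access is to be handed a wider capability.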