19 lines
1.1 KiB
Org Mode
19 lines
1.1 KiB
Org Mode
#+TITLE: CLOSOS: Language-Based Protection Mechanisms
|
|
#+ID: closos-protection-mechanisms
|
|
#+DATE: 2026-03-22
|
|
#+FILETAGS: :architecture:lisp:os:closos:security:
|
|
|
|
* Concept
|
|
Security in a Lisp OS is enforced by the compiler and runtime environment rather than traditional hardware MMU (Memory Management Unit) boundaries.
|
|
|
|
* Key Principles
|
|
- **Controlled Access System:** The system is "closed" by the compiler. Only code produced by the trusted compiler—which excludes arbitrary pointer arithmetic and includes bounds checking—is allowed to execute in supervisor mode.
|
|
- **Tagged Pointers:** Objects are manipulated via tagged pointers. Access rights (read/write/execute) can be embedded directly into the tag bits of the pointer itself.
|
|
- **Capabilities:** Pointers function as capabilities. Possession of a pointer to an object implies the authority to interact with it according to the embedded access tags.
|
|
|
|
* Source
|
|
:PROPERTIES:
|
|
:ID: 9c69a9ab-1c96-490e-9a8e-fbeafacba30e
|
|
:END:
|
|
- [[attachment:strandh-lispos.pdf][Robert Strandh, "CLOSOS: Specification of a Lisp operating system" (2013)]]
|