From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: To: 9fans@9fans.net Date: Fri, 17 Apr 2009 06:48:28 +0200 From: lucio@proxima.alt.za In-Reply-To: <9ab217670904161319v50166aebkc54d1f8481c30bb8@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: Re: [9fans] security questions Topicbox-Message-UUID: dfa2413c-ead4-11e9-9d60-3106f5b1d025 >> One can indirectly (and more consistently) limit the number of >> allocated resources in this fashion (indeed, the number of open file >> descriptors) by determining the amount of memory consumed by that >> resource as proportional to the size of the resource. If I as a user >> have 64,000 allocations of type Foo, and struct Foo is 64 bytes, then >> I hold 1,000 Foos. > > And by this, I clearly mean 64,000 bytes of allocated Foos. >>From purely a spectator's perspective, I believe that if one needs to add considerable complexity to Plan 9 in the form of user-based kernel resource management, one may as well look carefully at the option of adding self-virtualisation to the Plan 9 kernel and manage resources in the virtualisation layer. Plan 9 has provided a wide range of sophisticated, yet simple techniques to solve a wide range of computer/system problems, but I'm of the opinion that it missed virtualisation as one of these techniques. I may be dreaming, but I've long been of the opinion that Plan 9 itself makes a great platfrom on which to construct virtualisation. ++L