By: anon2 (anon.delete@this.anon.com), March 16, 2021 5:16 pm
Room: Moderated Discussions
anon2 (anon.delete@this.anon.com) on March 16, 2021 5:13 pm wrote:
> Gabriele Svelto (gabriele.svelto.delete@this.gmail.com) on March 16, 2021 7:23 am wrote:
> > anon2 (anon.delete@this.anon.com) on March 15, 2021 8:00 pm wrote:
> > > Yes, some do that indeed. And your most common sandboxed application around when its running on the most
> > > common platform around (i.e., Linux/Android) uses a very different architecture that does not farm out
> > > all requests via IPC to a broker service, but instead does the majority of the filtering inline via kernel
> > > facilities (namespaces, eBPF). I'll give you three guesses as to which model has better performance.
> >
> > How is that relevant to the point? You claimed there wasn't software that proxy'd
> > function calls via IPC,
>
> No I didn't.
"Sandboxed applications in general do not work that way at all. Containers, cgroups, namespaces etc on Linux for example do no such thing, so it is entirely implementation specific. In this case the kernel isolates various resources inline in system calls, no IPC or message passing to be seen at all."
By that I meant that as a general statement, you can't say that sandboxed applications use RPC. Because some don't.
I did not write or imply that some specific sandboxed application does not use it, I was talking about in general.
> Gabriele Svelto (gabriele.svelto.delete@this.gmail.com) on March 16, 2021 7:23 am wrote:
> > anon2 (anon.delete@this.anon.com) on March 15, 2021 8:00 pm wrote:
> > > Yes, some do that indeed. And your most common sandboxed application around when its running on the most
> > > common platform around (i.e., Linux/Android) uses a very different architecture that does not farm out
> > > all requests via IPC to a broker service, but instead does the majority of the filtering inline via kernel
> > > facilities (namespaces, eBPF). I'll give you three guesses as to which model has better performance.
> >
> > How is that relevant to the point? You claimed there wasn't software that proxy'd
> > function calls via IPC,
>
> No I didn't.
"Sandboxed applications in general do not work that way at all. Containers, cgroups, namespaces etc on Linux for example do no such thing, so it is entirely implementation specific. In this case the kernel isolates various resources inline in system calls, no IPC or message passing to be seen at all."
By that I meant that as a general statement, you can't say that sandboxed applications use RPC. Because some don't.
I did not write or imply that some specific sandboxed application does not use it, I was talking about in general.
| Topic | Posted By | Date |
|---|---|---|
| x86 - why unite when you can fragment? | anonymou5 | 2021/03/12 06:16 PM |
| x86 - why unite when you can fragment? | Linus Torvalds | 2021/03/13 01:18 PM |
| x86 - why unite when you can fragment? | Jon Masters | 2021/03/13 07:25 PM |
| x86 - why unite when you can fragment? | Jon Masters | 2021/03/13 07:44 PM |
| x86 - why unite when you can fragment? | Yuhong Bao | 2021/03/13 08:49 PM |
| x86 - why unite when you can fragment? | tt | 2021/03/20 09:30 AM |
| x86 - why unite when you can fragment? | Andrey | 2021/03/14 04:15 PM |
| x86 - why unite when you can fragment? | Linus Torvalds | 2021/03/14 04:58 PM |
| x86 - why unite when you can fragment? | anonymou5 | 2021/03/14 05:31 PM |
| x86 - why unite when you can fragment? | anon2 | 2021/03/14 08:07 PM |
| Microkernel? | Anon | 2021/03/14 11:49 PM |
| Microkernel? | none | 2021/03/15 12:37 AM |
| Microkernel? | Anon | 2021/03/15 01:56 AM |
| Microkernel? | anon2 | 2021/03/15 01:58 AM |
| Microkernel? | Simon Farnsworth | 2021/03/15 03:12 AM |
| Microkernel? | anon2 | 2021/03/15 04:53 AM |
| Microkernel? | Simon Farnsworth | 2021/03/15 06:56 AM |
| Microkernel? | iz | 2021/03/15 08:10 AM |
| Microkernel? | Anon | 2021/03/15 09:05 AM |
| Microkernel? | iz | 2021/03/16 01:25 AM |
| Microkernel? | Andrey | 2021/03/16 02:54 AM |
| Microkernel? | iz | 2021/03/16 08:36 AM |
| Microkernel? | Andrey | 2021/03/16 10:06 AM |
| Microkernel? | anonymou5 | 2021/03/16 11:44 AM |
| Microkernel? | iz | 2021/03/21 02:58 AM |
| Microkernel? | Andrey | 2021/03/21 09:34 AM |
| Microkernel? | anon2 | 2021/03/15 08:31 AM |
| Microkernel? | Simon Farnsworth | 2021/03/16 04:42 AM |
| Microkernel? | Gabriele Svelto | 2021/03/15 03:21 AM |
| Microkernel? | anon2 | 2021/03/15 04:56 AM |
| Microkernel? | Gabriele Svelto | 2021/03/15 10:41 AM |
| Microkernel? | anon2 | 2021/03/15 08:00 PM |
| Microkernel? | Gabriele Svelto | 2021/03/16 07:23 AM |
| Microkernel? | anon2 | 2021/03/16 05:13 PM |
| Microkernel? | anon2 | 2021/03/16 05:16 PM |
| Microkernel? | Gian-Carlo Pascutto | 2021/03/16 01:40 PM |
| Microkernel? | anon2 | 2021/03/16 05:53 PM |
| Microkernel? | Linus Torvalds | 2021/03/16 07:25 PM |
| Microkernel? | Doug S | 2021/03/17 09:30 AM |
| Microkernel? | Linus Torvalds | 2021/03/17 10:30 AM |
| Microkernel? | Brendan | 2021/03/17 10:56 PM |
| Microkernel? | Michael S | 2021/03/18 03:47 AM |
| Microkernel? | Brendan | 2021/03/18 09:07 AM |
| Microkernel? | Jose | 2021/03/18 09:35 AM |
| Microkernel? | zArchJon | 2021/03/18 05:42 PM |
| Transputer | RichardC | 2021/03/17 09:47 AM |
| Microkernel? | dmcq | 2021/03/17 11:15 AM |
| Microkernel? | Linus Torvalds | 2021/03/17 11:59 AM |
| Microkernel? | dmcq | 2021/03/17 12:38 PM |
| Microkernel? | Adrian | 2021/03/17 01:00 PM |
| Microkernel? | Ana R. Riano | 2021/03/18 04:33 AM |
| Microkernel? | ⚛ | 2021/04/30 04:52 PM |
| Microkernel? | NvaxPlus | 2021/03/17 11:48 AM |
| Microkernel? | Michael S | 2021/03/18 03:32 AM |
| Microkernel? | Adrian | 2021/03/18 04:12 AM |
| Microkernel? | dmcq | 2021/03/18 06:30 AM |
| Microkernel? | dmcq | 2021/03/18 06:55 AM |
| Microkernel? | Adrian | 2021/03/18 08:35 AM |
| Microkernel? | --- | 2021/03/18 09:49 AM |
| Microkernel? | dmcq | 2021/03/18 10:59 AM |
| Microkernel? | dmcq | 2021/03/18 04:09 PM |
| Microkernel? | --- | 2021/03/18 09:27 AM |
| Microkernel? | Kalle A. Sandström | 2021/03/20 06:34 AM |
| Microkernel? | --- | 2021/03/20 08:35 AM |
| Microkernel? | anon2 | 2021/03/21 05:29 PM |
| Microkernel? | dmcq | 2021/03/15 04:06 AM |
| Microkernel? | anon2 | 2021/03/15 04:59 AM |
| Microkernel? | dmcq | 2021/03/15 11:51 AM |
| Microkernel? | anon2 | 2021/03/15 08:31 PM |
| Microkernel? | dmcq | 2021/03/16 09:17 AM |
| Microkernel? | Jukka Larja | 2021/03/16 11:22 AM |
| Microkernel? | dmcq | 2021/03/16 04:06 PM |
| Microkernel? | Jukka Larja | 2021/03/17 03:42 AM |
| Microkernel? | dmcq | 2021/03/17 07:00 AM |
| Microkernel? | anon2 | 2021/03/16 05:26 PM |
| Microkernel? | --- | 2021/03/16 10:07 AM |
| Microkernel? | -.- | 2021/03/15 08:15 PM |
| Microkernel? | anon2 | 2021/03/15 09:18 PM |
| Microkernel? | Foo_ | 2021/03/16 03:37 AM |
| Read the thread (NT) | anon2 | 2021/03/16 05:27 PM |
| Already did (NT) | Foo_ | 2021/03/17 02:55 AM |
| Already did | anon2 | 2021/03/17 03:46 AM |
| Already did | Etienne Lorrain | 2021/03/18 02:31 AM |
| Microkernel? | -.- | 2021/03/17 05:04 AM |
| Microkernel? | Gabriele Svelto | 2021/03/17 08:53 AM |
| Microkernel? | -.- | 2021/03/17 02:43 PM |
| Microkernel? | dmcq | 2021/03/16 08:40 AM |
| x86 - why unite when you can fragment? | Konrad Schwarz | 2021/03/17 10:19 AM |
| x86 - why unite when you can fragment? | anonon | 2021/03/15 07:37 AM |