Here's a bit of a trick or a "programming pearl" to show why high-level
systems programming languages are useful. The trick uses existential
types/packages to securely and easily enable a kind of system call API
that most operating systems spend a lot of effort to support.

This only works in an advanced language like Deca, or perhaps exactly and
only in Deca, where the abstracted data in an existential package is
unboxed.
You take an existential package describing an OS object and the functions available on it, you package it with some constant value like 0xdeadbeef, and then you encrypt the whole thing using a key only the kernel knows. You then hand the resulting blob of bytes to user-space applications as a cryptographic capability. User-space knows the existential type and the size in memory of the capability it has received, but it can't decrypt the capability and can't pierce the existential veil.
Your OS's system-call API can thus support capability-based naming and security.
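The sealing step described above, as an added Python sketch (not Deca and not code from this post). It assumes the constant serves as the kernel's validity check on decryption, and it shows why that check needs a MAC beside it when the cipher is malleable. The field layout, the HMAC-based keystream standing in for a real cipher, and all function names are assumptions.

```python
import hashlib, hmac, os, struct

MAGIC = 0xDEADBEEF                     # constant value from the post
KERNEL_KEY = os.urandom(32)            # assumption: secret that never leaves the kernel
ENC_KEY = hmac.new(KERNEL_KEY, b"enc", hashlib.sha256).digest()
MAC_KEY = hmac.new(KERNEL_KEY, b"mac", hashlib.sha256).digest()
NONCE_LEN, TAG_LEN = 16, 32
FMT = "<IQI"                           # hypothetical layout: magic, object id, rights bitmask

def _keystream(nonce, n):
    # HMAC-SHA256 in counter mode: a stdlib stand-in for a real stream cipher.
    blocks = (hmac.new(ENC_KEY, nonce + struct.pack("<I", i), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _crypt(nonce, data):
    # XOR with the keystream; the same call encrypts and decrypts.
    return bytes(a ^ b for a, b in zip(data, _keystream(nonce, len(data))))

def seal(object_id, rights):
    """Kernel side: pack (magic, object, rights), encrypt, then MAC the ciphertext."""
    nonce = os.urandom(NONCE_LEN)
    ct = _crypt(nonce, struct.pack(FMT, MAGIC, object_id, rights))
    tag = hmac.new(MAC_KEY, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal_magic_only(blob):
    """Decrypt and check only the constant."""
    nonce, ct = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN]
    magic, object_id, rights = struct.unpack(FMT, _crypt(nonce, ct))
    return (object_id, rights) if magic == MAGIC else None

def unseal(blob):
    """Verify the MAC in constant time before trusting any decrypted field."""
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(MAC_KEY, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return unseal_magic_only(blob)

def flip_rights_bit(blob):
    """Constructed tampering: flip one ciphertext bit under the rights field."""
    i = NONCE_LEN + struct.calcsize("<IQ")
    return blob[:i] + bytes([blob[i] ^ 0x02]) + blob[i + 1:]

if __name__ == "__main__":
    cap = seal(7, 0x1)
    bad = flip_rights_bit(cap)
    print(unseal(cap), unseal_magic_only(bad), unseal(bad))
```

With a stream cipher the constant still decrypts correctly after the rights field is altered, so the magic-only check accepts the modified capability while the MAC check rejects it.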