On Friday, March 29, 2019 at 4:00:55 AM UTC-4, frederic.j...@gmail.com wrote:
Hi,
I know that VxWorks already distinguishes userland and kernel.
Is it possible to harden the userland of VxWorks? I mean implementing restrictions on the file system and system calls based on process ID.
Thanks
Fred
Yes, a framework to limit the system calls available to certain processes, along with a time-based frame scheduler, was introduced in the "safety profile"; with recent changes in packaging of VxWorks 7 I think it's part of the normal bundle as well.
The approach isn't by process ID; the process path and its resources/constraints are put in static tables, vs. the launching through a function or shell call you typically use with a process/RTP. But safety-certified systems love the statically declared approach, so that drove the design.