可证明安全操作系统 (PSOS) 的基础 (1979) [pdf]

【HN用户评论摘要】 I understand why in 1979 and perhaps until mid 1990s capability OS architecture might have been irrelevant and excessive. But after that, it sounds like the only architecture suitable for the internet age, where you can download and run anything from anywhere. Instead, we're stuck with legacy systems, which now contain layers of layers of abstractions and security measures. User rights, anti-virus software, vetting (signatures, hashes, app-store verification) - all become obsolete or near-obsole I would honestly like to understand why Miagg's comment has been flagged. [已标记] 原始链接: http://www.csl.sri.com/users/neumann/psos.pdf