All Things Microsoft > Microsoft as a Company
One line of html code to crash Winblows
RaZoR1394:
--- Quote from: Combustible ---technically no, a bug is when something doesnt work... you cant compare behavior of windows to *nix as a basis for calling it a bug, those are two very different codebases. this is working as it was designed to work, it just needs safeguards to prevent it from trying to do what its being told to do.
i would therefore call it an exploit. a rather useless one but still an exploit.
--- End quote ---
I just call everything that doesn't work a bug. So don't take my word seriously. You're very right about that. It's similar to the DDOS problem where for ex the web server just does what it is supposed to do. On the other hand you can have safeguards for it or special firewall features. I have howewer just started learning about security problems so I'm not so experienced with it.
Combustible:
the browsers shouldnt try to display a pic that would bring down the pc, that much is for sure... i think it should do a simple memory check and decide if it should even bother with the pic, a 3260x3620 image could eat up 100 megs of ram... basically we need "smarter" software.
Aloone_Jonez:
May be so, but a decent operating system shouldn't let a program running in ring 3 bring down the system.
This is a bug in the operating system, even if the browser is as buggy as hell this system shouldn't crash.
toadlife:
--- Quote from: Aloone_Jonez ---May be so, but a decent operating system shouldn't let a program running in ring 3 bring down the system.
--- End quote ---
No it shouldn't.
But all operating systems have this funny way of finding out new and different ways of sucking every day.
muzzy:
--- Quote from: Aloone_Jonez ---Windows is silly for running its Windowing system in kernel mode while the UNIX X-window system runs in user mode.
--- End quote ---
Indeed, but there's a good reason for it, too. Well, kinda. The issue is system call latency. The windows architecture is actually designed so that all the subsystems are separate processes and couldn't crash the kernel, but there's a big issue with it. Since the communication mechanism between application and the subsystem is a plain client/server model, it means that both are scheduled and threaded normally. The client makes a request, to which the subsystem must respond in a different process, and then return operation back to the first process. Since windows quantum size is typically 25 milliseconds, under 100% cpu load this would be a serious issue, as all system calls could take 50 milliseconds to complete. This isn't acceptable.
In the original NT design, there was a hack to implement it. Two special system interrupts to do ordered fashion context switching, to call another process and then return, without scheduling. However, it was a hack, and MS wanted to replace it. So, portions of different parts of win32 subsystem got moved into kernel, for faster access. In my opinion, this was a bad choice, at least in hindsight. Modern systems are already so fast that 25ms quantums are insanely long, especially for workstation use. I'd rather have 1ms quantums or even shorter for desktop systems, and possibly a different kind of RPC mechanism for controlled context switching.
So, it's running in kernel for performance reasons. Which IMO could be better solved in other ways.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version