From: "Tony Ingenoso" 

This is a multi-part message in MIME format.

------=_NextPart_000_022A_01C2B0C4.F3884D70
Content-Type: text/plain;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Particular embodiments can be limiting - like the 80286, but as a = general
concept there's nothing wrong with them and they have some major =
advantages:

  a.. - dramatically more efficient use of memory (with associated L1 =
hit ratio improvements)
  b.. - finer grained security properties for memory objects (can't just =
randomly execute any code or read any data in the visible virtual space)
  c.. - smaller swap files if you choose to swap on a segment basis.  =
OS/2 1.3 got significant improvments from the swap cache and doing = grouped swaps.
If the segment sizes and number of allowable segments don't have the =
severe limits the 286/386 had, then its not a developer issue as much as =
a tools issue.   8k LDT/GDT entries and 64K segments were a crippling =
limit and didn't let the concept show itself properly. =20

IMO, a segmented architecture with several protection ring levels like =
x86 has with the old size limits removed would cure at least half the =
exploit issues cropping up today.  In effect, todays PC's are running =
with LESS hardware security assist than a 1987 vintage 286 running OS/2 =
1.0 had available to it.

  "Dave Ings"  wrote in message =
news:3e112495$1{at}w3.nls.net...

  ...Segmented architectures are evil, and cause no end of grief for the =
application developer community.


------=_NextPart_000_022A_01C2B0C4.F3884D70
Content-Type: text/html;
        charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable








Particular embodiments can be limiting =
- like the=20
80286, but as a general concept there's nothing wrong with them and they = have=20
some major advantages:
 

  - dramatically more efficient use of =
memory (with=20
  associated L1 hit ratio improvements)
  - finer grained security properties =
for memory=20
  objects (can't just randomly execute any code or read any data in =
the=20
  visible virtual space)
  - smaller swap files if you choose to =
swap on a=20
  segment basis.  OS/2 1.3 got significant improvments from =
the swap=20
  cache and doing grouped swaps.
If the segment sizes and number of =
allowable=20
segments don't have the severe limits the 286/386 had, then its not a = developer=20
issue as much as a tools issue.   8k LDT/GDT entries and
64K = segments=20
were a crippling limit and didn't let the concept show itself =
properly. =20

 
IMO, a segmented architecture with =
several=20
protection ring levels like x86 has with the old size limits removed = would cure=20
at least half the exploit issues cropping up today.  In effect, =
todays PC's=20
are running with LESS hardware security assist than a 1987 vintage = 286=20
running OS/2 1.0 had available to it.
 

  "Dave Ings" <ings{at}sympatico.ca>">mailto:ings{at}sympatico.ca">ings{at}sympatico.ca>
wrote in =
message news:3e112495$1{at}w3.nls.net...
   
  ...Segmented architectures are evil, and cause no =
end of=20
  grief for the application developer community.
   

------=_NextPart_000_022A_01C2B0C4.F3884D70--

--- BBBS/NT v4.01 Flag-4