[Cryptography] Transactional software updates

Henry Baker hbaker1 at pipeline.com
Fri Dec 1 16:56:50 EST 2017


At 08:43 AM 10/30/2017, Tom Mitchell wrote:
>Rather than using shared libraries, I would like to see the use of
>approaches that strip down linked libraries to exactly the methods
>that are actually
>
>Shared libraries in addition to saving RAM and disk space also
>distribute maintenance.  A consumer of a library "should" need to
>know no more than the API of the function and methods being used.
>
>Once things get stripped down and only contain the exact set of functions
>used, the author quickly is responsible for evaluating all changes and rebuilding
>the application.  That is difficult enough that many will rebuild if the library
>gets touched.

You are describing the "unikernel"/MirageOS approach, which is just enough
of an OS to allow a web site to talk to a *single user*.

You then use a hypervisor to run *thousands* of these little unikernel
VMs, each completely separate from one another.

MirageOS utilizes the capabilities of the OCaml language, which elegantly
strip out the inessential portions of the OS and libraries that aren't
needed.


