Otdfbt

Why did Gendry call himself Gendry Rivers?

Where do 5 or more U.S. counties meet in a single point?

Game artist computer workstation set-up – is this overkill?

The unknown and unexplained in science fiction

Antivirus for Ubuntu 18.04

My parents are Afghan

Why doesn't increasing the temperature of something like wood or paper set them on fire?

How do I give a darkroom course without negs from the attendees?

Appropriate age to involve kids in life changing decisions

Why did Dr. Strange keep looking into the future after the snap?

When does WordPress.org notify sites of new version?

In a series of books, what happens after the coming of age?

TikZ/PGF draw algorithm

Picking a theme as a discovery writer

Magical Modulo Squares

Convert Numbers To Emoji Math

If quadruped mammals evolve to become bipedal will their breast or nipple change position?

Are modes in jazz primarily a melody thing?

How to get file name from inside a latex file?

Did any early RISC OS precursor run on the BBC Micro?

Single supply non-inverting amplifier using op amp

How do I minimise waste on a flight?

What happens when the drag force exceeds the weight of an object falling into earth?

What calendar would the Saturn nation use?

Monolithic vs Micro kernel

How to switch from a custom Linux kernel to a distribution kernelWhy do we need a compiled kernel source tree for compiling modules?What can cause kernel out_of_memory error?Kernel Printk: xx message suppressedsolaris to linux migrationWhat are main differences between Linux and FreeBSD system from sysadmin point of view?Server won't boot, kernel panic - not syncingHow to disable perf subsystem in Linux kernel?How can I track security issues with running kernel under paravirtualisation?Exec format Error. cxbf.ko from kernel has no modversions, so it cannot be reused for kernel

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;

8

3

What are the differences between a monolithic kernel and a microkernel with respect to structure and security. My friend told me that Linux systems have monolithic kernel and thus are not easier to hack but I don't think he was actually correct.

Someone please enlighten me.

unix kernel

share|improve this question

asked Aug 14 '10 at 13:39

Prasoon SauravPrasoon Saurav

19727

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  For a bit of historical background, you can read the The Tanenbaum-Torvalds Debate from 1992.
  
  – Dennis Williamson
  Aug 14 '10 at 18:24
  
  

  
  
  
  

add a comment | 

8

3

What are the differences between a monolithic kernel and a microkernel with respect to structure and security. My friend told me that Linux systems have monolithic kernel and thus are not easier to hack but I don't think he was actually correct.

Someone please enlighten me.

unix kernel

share|improve this question

asked Aug 14 '10 at 13:39

Prasoon SauravPrasoon Saurav

19727

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  For a bit of historical background, you can read the The Tanenbaum-Torvalds Debate from 1992.
  
  – Dennis Williamson
  Aug 14 '10 at 18:24
  
  

  
  
  
  

add a comment | 

What are the differences between a monolithic kernel and a microkernel with respect to structure and security. My friend told me that Linux systems have monolithic kernel and thus are not easier to hack but I don't think he was actually correct.

Someone please enlighten me.

unix kernel

share|improve this question

asked Aug 14 '10 at 13:39

Prasoon SauravPrasoon Saurav

19727

share|improve this question

asked Aug 14 '10 at 13:39

Prasoon SauravPrasoon Saurav

19727

share|improve this question

asked Aug 14 '10 at 13:39

Prasoon SauravPrasoon Saurav

19727

asked Aug 14 '10 at 13:39

Prasoon SauravPrasoon Saurav

19727

asked Aug 14 '10 at 13:39

Prasoon SauravPrasoon Saurav

19727

2 Answers
2

active

oldest

votes

6

The basic difference is that a micro kernel (MK) is very small and only provides a very minimal set of services.
The majority of what are normally considered operating system services are provided by separate processes that execute outside of the kernel, and in a less privileged mode.
These processes need to comunicate via some from of IPC, instead of just reading/writing to whatever data structure they want to access.

MKs tend to be fairly easy to port as the kernel is small, the porting effort is low.

Since a lot of the services provided are potentially running in userspace instead of kernel space, they can not easily trash other processes. This is a security plus.

E.g say the part of the networking stack was in userspace, and was compromised it might not be able to disrupt other processes/tasks. Whereas if that same part of the network stack in a monolithic kernel might be running in kernel space where if compromised it would be able to trash other processes, since it would be privileged.

share|improve this answer

edited Aug 14 '10 at 16:12

answered Aug 14 '10 at 14:11

Jason TanJason Tan

2,48221321

add a comment | 

1

To illustrate Jason's talk, here is an illustration to see the difference between micro- hybrid- and monolithic-kernel :

Legible image source file on Wikipedia.

share|improve this answer

edited Apr 28 at 21:15

Community♦

1

answered Aug 14 '10 at 18:19

StuderStuder

1,180714

add a comment | 

Your Answer

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f170517%2fmonolithic-vs-micro-kernel%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

6

The basic difference is that a micro kernel (MK) is very small and only provides a very minimal set of services.
The majority of what are normally considered operating system services are provided by separate processes that execute outside of the kernel, and in a less privileged mode.
These processes need to comunicate via some from of IPC, instead of just reading/writing to whatever data structure they want to access.

MKs tend to be fairly easy to port as the kernel is small, the porting effort is low.

Since a lot of the services provided are potentially running in userspace instead of kernel space, they can not easily trash other processes. This is a security plus.

E.g say the part of the networking stack was in userspace, and was compromised it might not be able to disrupt other processes/tasks. Whereas if that same part of the network stack in a monolithic kernel might be running in kernel space where if compromised it would be able to trash other processes, since it would be privileged.

share|improve this answer

edited Aug 14 '10 at 16:12

answered Aug 14 '10 at 14:11

Jason TanJason Tan

2,48221321

add a comment | 

6

The basic difference is that a micro kernel (MK) is very small and only provides a very minimal set of services.
The majority of what are normally considered operating system services are provided by separate processes that execute outside of the kernel, and in a less privileged mode.
These processes need to comunicate via some from of IPC, instead of just reading/writing to whatever data structure they want to access.

MKs tend to be fairly easy to port as the kernel is small, the porting effort is low.

Since a lot of the services provided are potentially running in userspace instead of kernel space, they can not easily trash other processes. This is a security plus.

E.g say the part of the networking stack was in userspace, and was compromised it might not be able to disrupt other processes/tasks. Whereas if that same part of the network stack in a monolithic kernel might be running in kernel space where if compromised it would be able to trash other processes, since it would be privileged.

share|improve this answer

edited Aug 14 '10 at 16:12

answered Aug 14 '10 at 14:11

Jason TanJason Tan

2,48221321

add a comment | 

The basic difference is that a micro kernel (MK) is very small and only provides a very minimal set of services.
The majority of what are normally considered operating system services are provided by separate processes that execute outside of the kernel, and in a less privileged mode.
These processes need to comunicate via some from of IPC, instead of just reading/writing to whatever data structure they want to access.

MKs tend to be fairly easy to port as the kernel is small, the porting effort is low.

Since a lot of the services provided are potentially running in userspace instead of kernel space, they can not easily trash other processes. This is a security plus.

E.g say the part of the networking stack was in userspace, and was compromised it might not be able to disrupt other processes/tasks. Whereas if that same part of the network stack in a monolithic kernel might be running in kernel space where if compromised it would be able to trash other processes, since it would be privileged.

share|improve this answer

edited Aug 14 '10 at 16:12

answered Aug 14 '10 at 14:11

Jason TanJason Tan

2,48221321

share|improve this answer

edited Aug 14 '10 at 16:12

answered Aug 14 '10 at 14:11

Jason TanJason Tan

2,48221321

answered Aug 14 '10 at 14:11

Jason TanJason Tan

2,48221321

answered Aug 14 '10 at 14:11

Jason TanJason Tan

2,48221321

1

To illustrate Jason's talk, here is an illustration to see the difference between micro- hybrid- and monolithic-kernel :

Legible image source file on Wikipedia.

share|improve this answer

edited Apr 28 at 21:15

Community♦

1

answered Aug 14 '10 at 18:19

StuderStuder

1,180714

add a comment | 

1

To illustrate Jason's talk, here is an illustration to see the difference between micro- hybrid- and monolithic-kernel :

Legible image source file on Wikipedia.

share|improve this answer

edited Apr 28 at 21:15

Community♦

1

answered Aug 14 '10 at 18:19

StuderStuder

1,180714

add a comment | 

To illustrate Jason's talk, here is an illustration to see the difference between micro- hybrid- and monolithic-kernel :

Legible image source file on Wikipedia.

share|improve this answer

edited Apr 28 at 21:15

Community♦

1

answered Aug 14 '10 at 18:19

StuderStuder

1,180714

share|improve this answer

edited Apr 28 at 21:15

Community♦

1

answered Aug 14 '10 at 18:19

StuderStuder

1,180714

edited Apr 28 at 21:15

Community♦

1

edited Apr 28 at 21:15

Community♦

1

answered Aug 14 '10 at 18:19

StuderStuder

1,180714

answered Aug 14 '10 at 18:19

StuderStuder

1,180714