assets/developer-notes/stephanie-gawroriski/2015/01/03.mkd
# 2015/01/03
***DISCLAIMER***: _These notes are from the defunct k8 project which_
_precedes SquirrelJME. The notes for SquirrelJME start on 2016/02/26!_
_The k8 project was effectively a Java SE 8 operating system and as such_
_all of the notes are in the context of that scope. That project is no_
_longer my goal as SquirrelJME is the spiritual successor to it._
## 04:53
Security wise, for normal processes and ones in containers accessing devices,
the weakest link will be the joints where they connect. Say that there are two
devices A and B. A is exploitable but the container does not have access to
the device directly. Device B is known to communicate to device A so it would
be possible to proxy attack device A to do bad things through B, if there are
such flaws in B. I would need a system call and driver interface that is
functional and effective but minimizes the risk of such attacks. However,
reducing the utility of drivers reduces how much stuff they can do. However,
drivers should not be doing everything they should remain simple and to the
point.