{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:39:33Z","timestamp":1750307973226,"version":"3.41.0"},"reference-count":35,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2007,7,1]],"date-time":"2007-07-01T00:00:00Z","timestamp":1183248000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["SIGOPS Oper. Syst. Rev."],"published-print":{"date-parts":[[2007,7]]},"abstract":"<jats:p>The GNU Hurd's design was motivated by a desire to rectify a number of observed shortcomings in Unix. Foremost among these is that many policies that limit users exist simply as remnants of the design of the system's mechanisms and their implementation. To increase extensibility and integration, the Hurd adopts an object-based architecture and defines interfaces, in particular those for the composition of and access to name spaces, that are virtualizable.<\/jats:p>\n          <jats:p>This paper is first a presentation of the Hurd's design goals and a characterization of its architecture primarily as it represents a departure from Unix's. We then critique the architecture and assess it in terms of the user environment of today focusing on security. Then follows an evaluation of Mach, the microkernel on which the Hurd is built, emphasizing the design constraints which Mach imposes as well as a number of deficiencies its design presents for multi-server like systems. Finally, we reflect on the properties such a system appears to require.<\/jats:p>","DOI":"10.1145\/1278901.1278907","type":"journal-article","created":{"date-parts":[[2007,9,14]],"date-time":"2007-09-14T13:44:55Z","timestamp":1189777495000},"page":"30-39","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":5,"title":["A critique of the GNU hurd multi-server operating system"],"prefix":"10.1145","volume":"41","author":[{"given":"Neal H.","family":"Walfield","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Marcus","family":"Brinkmann","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2007,7]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Air Force Electronic Systems Division","author":"Anderson J. P.","year":"1972","unstructured":"Anderson , J. P. Computer security technology planning study. Tech. rep ., Air Force Electronic Systems Division , Oct. 1972 . Anderson, J. P. Computer security technology planning study. Tech. rep., Air Force Electronic Systems Division, Oct. 1972."},{"key":"e_1_2_1_2_1","volume-title":"3rd USENIX Symposium on Operating Systems Design and Implementation (Feb.","author":"Banga G.","year":"1999","unstructured":"Banga , G. , Druschel , P. , and Mogul , J. C . Resource containers: A new facility for resource management in server systems . In 3rd USENIX Symposium on Operating Systems Design and Implementation (Feb. 1999 ). Banga, G., Druschel, P., and Mogul, J. C. Resource containers: A new facility for resource management in server systems. In 3rd USENIX Symposium on Operating Systems Design and Implementation (Feb. 1999)."},{"key":"e_1_2_1_3_1","first-page":"87","volume-title":"USENIX","author":"Bonwick J.","year":"1994","unstructured":"Bonwick , J. The slab allocator: An object-caching kernel memory allocator . In USENIX Summer ( 1994 ), pp. 87 -- 98 . Bonwick, J. The slab allocator: An object-caching kernel memory allocator. In USENIX Summer (1994), pp. 87--98."},{"key":"e_1_2_1_4_1","first-page":"16","volume":"1","author":"Bushnell M.","year":"1994","unstructured":"Bushnell , M. Towards a new strategy of OS design. GNU's Bulletin 1 , 16 ( Jan. 1994 ). Bushnell, M. Towards a new strategy of OS design. GNU's Bulletin 1, 16 (Jan. 1994).","journal-title":"GNU's Bulletin"},{"doi-asserted-by":"publisher","key":"e_1_2_1_5_1","DOI":"10.5555\/266989.267068"},{"doi-asserted-by":"publisher","key":"e_1_2_1_6_1","DOI":"10.1145\/365230.365252"},{"key":"e_1_2_1_7_1","volume-title":"Trusted Computer System Evaluation Criteria DOD 5200.28-STD","author":"DEFENSE.","year":"1985","unstructured":"DEPARTMENT OF DEFENSE. Trusted Computer System Evaluation Criteria DOD 5200.28-STD . Dec. 1985 . DEPARTMENT OF DEFENSE. Trusted Computer System Evaluation Criteria DOD 5200.28-STD. Dec. 1985."},{"doi-asserted-by":"publisher","key":"e_1_2_1_8_1","DOI":"10.5555\/876887.880177"},{"doi-asserted-by":"publisher","key":"e_1_2_1_9_1","DOI":"10.5555\/822075.822424"},{"doi-asserted-by":"publisher","key":"e_1_2_1_10_1","DOI":"10.5555\/822075.822429"},{"key":"e_1_2_1_11_1","series-title":"Bruce Perens' Open source series","volume-title":"Understanding the Linux Virtual Memory Manager","author":"Gorman M.","year":"2004","unstructured":"Gorman , M. Understanding the Linux Virtual Memory Manager . Bruce Perens' Open source series . Prentice Hall Professional Technical Reference , 2004 . Gorman, M. Understanding the Linux Virtual Memory Manager. Bruce Perens' Open source series. Prentice Hall Professional Technical Reference, 2004."},{"doi-asserted-by":"publisher","key":"e_1_2_1_12_1","DOI":"10.1145\/858336.858337"},{"doi-asserted-by":"publisher","key":"e_1_2_1_13_1","DOI":"10.1145\/1065010.1065028"},{"doi-asserted-by":"publisher","key":"e_1_2_1_14_1","DOI":"10.1145\/268998.266644"},{"doi-asserted-by":"publisher","key":"e_1_2_1_15_1","DOI":"10.1109\/IWOOOS.1992.252995"},{"doi-asserted-by":"publisher","key":"e_1_2_1_16_1","DOI":"10.1145\/168619.168633"},{"key":"e_1_2_1_17_1","volume-title":"Proceedings of the USENIX 1998 Annual Technical Conference (New Orleans","author":"Liedtke J.","year":"1998","unstructured":"Liedtke , J. , Panteleenko , V. , Jaeger , T. , and Islam , N . High-performance caching with the lava hit-server . In Proceedings of the USENIX 1998 Annual Technical Conference (New Orleans , Lousiana , June 1998 ). Liedtke, J., Panteleenko, V., Jaeger, T., and Islam, N. High-performance caching with the lava hit-server. In Proceedings of the USENIX 1998 Annual Technical Conference (New Orleans, Lousiana, June 1998)."},{"doi-asserted-by":"publisher","key":"e_1_2_1_19_1","DOI":"10.1145\/566172.566181"},{"doi-asserted-by":"publisher","key":"e_1_2_1_20_1","DOI":"10.1145\/1007512.1007524"},{"key":"e_1_2_1_21_1","volume-title":"2000 USENIX Annual Technical Conference (June","author":"Pike R.","year":"2000","unstructured":"Pike , R. Lexical file names in Plan 9 or getting dot-dot right . In 2000 USENIX Annual Technical Conference (June 2000 ). Pike, R. Lexical file names in Plan 9 or getting dot-dot right. In 2000 USENIX Annual Technical Conference (June 2000)."},{"doi-asserted-by":"publisher","key":"e_1_2_1_22_1","DOI":"10.1145\/361011.361073"},{"key":"e_1_2_1_23_1","volume-title":"12th USENIX Security Symposium (Aug.","author":"Provos N.","year":"2003","unstructured":"Provos , N. , Friedl , M. , and Honeyman , P . Preventing privilege escalation . In 12th USENIX Security Symposium (Aug. 2003 ). Provos, N., Friedl, M., and Honeyman, P. Preventing privilege escalation. In 12th USENIX Security Symposium (Aug. 2003)."},{"doi-asserted-by":"publisher","key":"e_1_2_1_24_1","DOI":"10.5555\/647433.723870"},{"doi-asserted-by":"publisher","key":"e_1_2_1_25_1","DOI":"10.1109\/PROC.1975.9939"},{"unstructured":"Seaborn M. Plash: tools for practical least privilege. http:\/\/plash.beasts.org.  Seaborn M. Plash: tools for practical least privilege. http:\/\/plash.beasts.org.","key":"e_1_2_1_26_1"},{"key":"e_1_2_1_27_1","first-page":"59","volume-title":"2002 USENIX Annual Technical Conference","author":"Shapiro J. S.","year":"2002","unstructured":"Shapiro , J. S. , and Adams , J . Design evolution of the EROS single-level store . In 2002 USENIX Annual Technical Conference ( 2002 ), pp. 59 -- 72 . Shapiro, J. S., and Adams, J. Design evolution of the EROS single-level store. In 2002 USENIX Annual Technical Conference (2002), pp. 59--72."},{"doi-asserted-by":"publisher","key":"e_1_2_1_28_1","DOI":"10.1109\/52.976938"},{"doi-asserted-by":"publisher","key":"e_1_2_1_29_1","DOI":"10.1145\/1217935.1217951"},{"key":"e_1_2_1_30_1","first-page":"119","volume-title":"USENIX","author":"Stevenson J. M.","year":"1995","unstructured":"Stevenson , J. M. , and Julin , D. P . Mach-US: Unix on generic OS object servers . In USENIX Winter ( 1995 ), pp. 119 -- 130 . Stevenson, J. M., and Julin, D. P. Mach-US: Unix on generic OS object servers. In USENIX Winter (1995), pp. 119--130."},{"doi-asserted-by":"publisher","key":"e_1_2_1_31_1","DOI":"10.1145\/1151030.1151033"},{"doi-asserted-by":"publisher","key":"e_1_2_1_32_1","DOI":"10.1145\/358699.358703"},{"key":"e_1_2_1_33_1","volume-title":"The underground economy: priceless. ;login: 31, 6 (Dec","author":"Thomas R.","year":"2006","unstructured":"Thomas , R. , and Martin , J . The underground economy: priceless. ;login: 31, 6 (Dec . 2006 ). Thomas, R., and Martin, J. The underground economy: priceless. ;login: 31, 6 (Dec. 2006)."},{"doi-asserted-by":"publisher","key":"e_1_2_1_34_1","DOI":"10.5555\/851041.856919"},{"doi-asserted-by":"publisher","key":"e_1_2_1_35_1","DOI":"10.5555\/646280.687663"},{"doi-asserted-by":"publisher","key":"e_1_2_1_36_1","DOI":"10.1145\/41457.37507"}],"container-title":["ACM SIGOPS Operating Systems Review"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1278901.1278907","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1278901.1278907","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T14:58:23Z","timestamp":1750258703000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1278901.1278907"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2007,7]]},"references-count":35,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2007,7]]}},"alternative-id":["10.1145\/1278901.1278907"],"URL":"https:\/\/doi.org\/10.1145\/1278901.1278907","relation":{},"ISSN":["0163-5980"],"issn-type":[{"type":"print","value":"0163-5980"}],"subject":[],"published":{"date-parts":[[2007,7]]},"assertion":[{"value":"2007-07-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}