diff --git a/docs/DESIGN.md b/docs/DESIGN.md index cffdaf6..2036c3f 100644 --- a/docs/DESIGN.md +++ b/docs/DESIGN.md @@ -11,7 +11,7 @@ Gila initializes as a bare kernel, with the bootloader providing an init RAM filesystem in the form of a .tar.lzma archive. The kernel reads this file, and launches an init process (`/system/bin/init`). The init process has its own configuration file located at `/system/cfg/init.toml`, which should detail the -steps needed to bring the system up to a multi-user status. This config file +steps needed to bring the system up to a multi-user status. This config file will also contain versioning information for compatibility, detailing which kernel version and architecture it is compatible with. diff --git a/docs/SECURITY.md b/docs/SECURITY.md index fcc8e9b..81919b3 100644 --- a/docs/SECURITY.md +++ b/docs/SECURITY.md @@ -14,7 +14,7 @@ Part of the design philosophy that drives my inspiration for Gila is the idea of ### Microkernel architecture -Gila is a microkernel. Only the most important functionality runs at Ring 0 +Gila is a microkernel. Only the most important functionality runs at Ring 0 (Protected Mode) to reduce attack surface. This functionality includes: - Modifying and reading kernel configurations @@ -24,7 +24,7 @@ Gila is a microkernel. Only the most important functionality runs at Ring 0 - Inter-process communication - Hardware communication interfaces -User processes perform complex functionality by interacting with server +User processes perform complex functionality by interacting with server processes. Servers perform many different things: - PCI(e) @@ -36,5 +36,5 @@ processes. Servers perform many different things: ### Capability based MAC Eventually, once Gila is complex enough to need access control, I would like to -implement support for capability-based mandatory access control. Details will -be decided on once more APIs are stabilized. \ No newline at end of file +implement support for capability-based mandatory access control. Details will +be decided on once more APIs are stabilized.