From a018810c9c12593989146acba89e1cb81dc65c07 Mon Sep 17 00:00:00 2001 From: August Date: Thu, 13 Nov 2025 18:12:00 -0500 Subject: [PATCH] last one I swear bro --- docs/DESIGN.md | 5 ++--- docs/SECURITY.md | 4 ---- 2 files changed, 2 insertions(+), 7 deletions(-) diff --git a/docs/DESIGN.md b/docs/DESIGN.md index 3381b6b..c338823 100644 --- a/docs/DESIGN.md +++ b/docs/DESIGN.md @@ -36,9 +36,8 @@ perform some memory management work to start allocating memory for the userboot binary. Userboot is a binary executable that will be loaded as a module, and it will be initialized as the very first process. -> [!INFO] -> The Userboot concept was taken from the Zircon kernel, used in Google's -> Fuchsia OS. +The Userboot concept was taken from the Zircon kernel, used in Google's Fuchsia +OS. Userboot has only one job, and that is to parse the compressed initramfs image and start the true init system based on the contents of that image. After that, diff --git a/docs/SECURITY.md b/docs/SECURITY.md index 4c15aeb..af08315 100644 --- a/docs/SECURITY.md +++ b/docs/SECURITY.md @@ -118,10 +118,6 @@ the primary method processes will use to do useful things, but it will also affect shared memory regions. A process cannot establish IPC unless it is part of some namespace the target process is also part of. -Being part of a namespace entails holding a capability object referring to -that namespace, and that capability object will encode rights within that -namespace, such as IPC and shared memory. - ### Capability based MAC Gila has no concept of ambient authority. Resource access is not governed