Is Zircon kernel (from Fuchsia OS) safer by being a microkernel?



  • Fuchsia's possible Android replacement uses the Zircon microkernel. This means that the drivers should run in userspace.

    Is this an advantage over Android? For example, closed-source drivers now can't do anything they want with the kernel. They can't read/write to arbitrary memory areas, except of course by using an exploit.

    This drastically reduces the chances of backdoors. For example, a driver for a WiFi device can of course still hide a backdoor for accepting connections from some magic address, but it cannot use this backdoor to alter some process state for example.

    Am I right?



  • Microkernels are safer in theory as individual drivers run in userspace, but there's absolutely no way to know if a specific microkernel is more secure than any other kernel without testing it. All that we can say for sure is that the microkernel architecture makes it easier to protect against malicious or insecure drivers, and it makes it easier to move kernel code out of the trusted computing base.


