Orion Sky Lawlor
Department of Computer Science, University of Alaska at Fairbanks
http://lawlor.cs.uaf.edu/~olawlor olawlor@acm.org
As this is the first day, this was a short lecture.
The earliest machines, like small embedded machines today, had no operating system. Without an operating system, the main program must talk directly to the hardware, and must do everything itself without help; but also has complete freedom to run the machine however it likes.
Operating systems serve a variety of purposes, but they boil down to two somewhat incompatible goals. First, operating systems provide huge quantities of utility routines and libraries to make systems easier to program. Second, operating systems are designed to keep the machine running even when programs go bad.
Note that different operating systems put different emphasis on these features. The classic MacOS, for example, provided amazing quantities of utility routines, but almost zero security--a classic MacOS program could do almost anything to the machine, and the operating system would not interfere. Microkernel implementations, by contrast, are almost pure security--the OS kernel starts processes and manages how they interact, but all interesting processing is left to user code.
Without an operating system, to talk on the network you'd have to directly manipulate the network hardware; receive, reassemble, retransmit, and acknowledge individual network packets at the network, IP, and TCP levels; and perform all the other low-level processing needed for this task. But with an operating system, to talk on the network you just call a simple, standard set of routines such as BSD sockets.
Hardware-related tasks the operating system makes much easier include:
Software-related tasks the operating system makes easier include:
The other major task of an operating system is, paradoxically, to restrict the capabilities of programs. That is, the OS is designed to limit the damage a program can cause. On a multi-user machine, this is clearly necessary--otherwise anybody could trash anybody else's files. On a single user machine, it's not so clear why this is needed. However, protection does make developing programs easier, because a runaway program can't crash the machine. Protection also helps restrict certain kinds of malicious software--for example, memory-resident viruses, common in the days of MS-DOS, no longer affect modern operating systems because of memory protection.
The protection aspect of operating systems applies to:
Overall, operating system protection adds complexity and slows down processing, but it makes for a more reliable system. Note that because the operating system can't completely check the format of data coming in over the network, there are still a variety of security problems that the operating system cannot address.
April 27, 2005
Author Homepage