Post Syndicated from corbet original https://lwn.net/Articles/963734/

The Linux kernel follows a monolithic design, and that brings a well-known
problem: all code in the kernel has access to the entirety of the kernel’s
address space. As a result, a bug in (for example) an obscure driver may
well be exploitable to wreak havoc on core-kernel data structures. Various
attempts have been made over the years to increase the degree of isolation
within the kernel. The latest of these, “SandBox
Mode” proposed by Petr Tesařík, makes it possible for the kernel to run
some limited code safely, but it has encountered a bit of a chilly reception.