What are the differences between a monolithic kernel and a microkernel with respect to structure and security. My friend told me that Linux systems have monolithic kernel and thus are not easier to hack but I don't think he was actually correct.
Someone please enlighten me.
The basic difference is that a micro kernel (MK) is very small and only provides a very minimal set of services. The majority of what are normally considered operating system services are provided by separate processes that execute outside of the kernel, and in a less privileged mode. These processes need to comunicate via some from of IPC, instead of just reading/writing to whatever data structure they want to access.
MKs tend to be fairly easy to port as the kernel is small, the porting effort is low.
Since a lot of the services provided are potentially running in userspace instead of kernel space, they can not easily trash other processes. This is a security plus.
E.g say the part of the networking stack was in userspace, and was compromised it might not be able to disrupt other processes/tasks. Whereas if that same part of the network stack in a monolithic kernel might be running in kernel space where if compromised it would be able to trash other processes, since it would be privileged.
To illustrate Jason's talk, here is an illustration to see the difference between micro- hybrid- and monolithic-kernel :
Legible image source file on Wikipedia.
