One way to limit the effect of an untrusted program is confinement: controlling what processes have access to the untrusted program and what access the program has to other processes and data. Explain how confinement would apply to the earlier example of the program that computes the sum of the integers 1 to 10

What will be an ideal response?

Assuming
the
only
activity
of
the
program
is
computing
the
sum
from
1
to
10,
confinement
would
achieve
two
things.
First,
the
confining
program
would
act
as
a
filter
between
the
callers
and
the
untrusted
program.
A
calling
program
would
call
the
confining
process,
requesting
to
call
the
summation
program.
The
calling
program
would
have
no
direct
access
to
the
summation
program.
Second,
the
confining
program
would
check
the
result
of
the
summation
program.
In
this
simple
situation,
the
confining
process
could
check
that
the
answer
was
exactly
55
(the
sum
from
1
to
10).
In
a
more
realistic
situation,
the
confining
process
could
check
the
computation
for
reasonableness:
considering
the
magnitude
of
the
input
values,
values
of
other
system
variables,
the
name
or
owner
of
the
calling
program,
and
so
on,
is
the
result
reasonable?
Are
the
requests
for
access
to
auxiliary
system
resources
by
the
untrusted
program
reasonable?