The microvisor enforces the principle of least privilege by isolating all applications and operating system functions within a micro-VM from interacting with any other micro-VM, the protected desktop system, or the network the protected desktop is embedded in.
32.
The advantage is that a filesystem can be made portable between operating systems as the high-level operating system functions it uses can be as common as ANSI C, but the disadvantage is that the API is unique to each application that implements one.
33.
These libraries present an idealized API for each function that applies, such as files and extended operating system functions, graphics, midi and sound, etc . The whole collection forms the basis for an implementation on each operating system and machine that IP Pascal appears on.
