It's not a good idea, because your colleague misunderstands how protection domains are used. Even if each resource only appears in one protection domain, the same protection domain may be assigned to several processes, re-introducing sharing.
Several people also pointed out that there still could be deadlock among the resources in a single protection domain (for example, put all the philosopher's forks in one protection domain).
Your file system should use linked lists. Because the disk is almost full, there will be few free disk pages. Under those conditions, a bit-map free list will be sparse and searching it will be expensive in disk I-O. With a link-list, no searching is required because each link contains pointers directly to the free blocks, saving on expected disk I-O.
It makes a difference. A capability is a reference to an object and the operations allowed on the referenced object. The list of capabilities owned by an application is the security profile of the application. The operating system maintains an application's capability list, and so finding the application's security profile is as easy as making a system call, assuming the proper permissions.
An access control list indicates, for each object, which protection domains can perform which operations on the object. With ACLs, finding an application's security profile involves a search over all objects in the system, examining each ACL to see if it includes the application's protection domain. This may or may not be more complicated than finding the capability list, but it certainly takes more time.
The larger the disk block, the smaller the linked index list. The larger the disk block, the greater lost disk space due to internal fragmentation.
This page last modified on 13 December 2000.