Not all bugs in the TCB are exploitable as security holes. Here the TCB includes the kernel and domain code that is relied upon for some application’s security. There are two situations regarding the role of the code that implements some sort of object, be it in the kernel or a domain.
The plan that I have heard for file logic in Mach presumes that one shared object tends to all of the files. If I should exploit a bug in the file logic I may well be able to ruin your files.
In Keykos, by contrast, the segment keeper code produces instances that share no mutable objects, and my security depends only on not using the segment keeper in a way that provokes the bug. Further, if I do provoke the bug, isolation ensures that the worst that happens is that my segment misbehaves; you will not be able to read or influence the state of my broken segment.