Re: 'native files', 'object fingerprints' [was: sendpath()]

Andi Kleen (ak@suse.de)
Tue, 16 Jan 2001 12:13:23 +0100


On Tue, Jan 16, 2001 at 10:48:34AM +0100, Ingo Molnar wrote:
> this is a safe, very fast [ O(1) ] object-permission model. (it's a
> variation of a former idea of yours.) A process can pass object
> fingerprints and kernel pointers to other processes too - thus the other
> process can access the object too. Threads will 'naturally' share objects,
>...

Just setuid etc. doesn't work with that because access cannot be easily
revoked without disturbing other clients.

To handle that you would probably need a "relookup if needed" mechanism
similar to what NFSv4 has, so that you can force other users to relookup
after you revoked a key. That complicates the use a lot though.

Also the model depends on good secure random numbers, which is questionable
in many environments (e.g. a diskless box where the random device effectively
gets no new input).

-Andi
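
The revocation problem and the "relookup if needed" approach from the message above, as an added user-space C sketch that is not part of the original mail or of any kernel code. The struct, the function names, the uid bitmask and the use of -ESTALE as the "relookup" signal are assumptions made for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical object: one secret fingerprint shared by every holder. */
struct object {
    uint64_t fingerprint;   /* unguessable token compared on each access */
    unsigned allowed_uids;  /* bitmask of uids (0..31) allowed to look up */
};

/* Draw a fresh fingerprint from the system CSPRNG; 0 on success. */
static int new_fingerprint(uint64_t *fp)
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f)
        return -EIO;
    size_t n = fread(fp, sizeof *fp, 1, f);
    fclose(f);
    return n == 1 ? 0 : -EIO;
}

/* Slow path: full permission check, then hand out the current fingerprint. */
int obj_lookup(const struct object *o, unsigned uid, uint64_t *fp_out)
{
    if (uid >= 32 || !(o->allowed_uids & (1u << uid)))
        return -EACCES;
    *fp_out = o->fingerprint;
    return 0;
}

/* Fast O(1) path: compare only; a stale fingerprint means "relookup". */
int obj_access(const struct object *o, uint64_t fp)
{
    return fp == o->fingerprint ? 0 : -ESTALE;
}

/* Revoking one uid must replace the shared fingerprint, so every
 * holder goes stale, including those that are still allowed. */
int obj_revoke(struct object *o, unsigned uid)
{
    uint64_t old = o->fingerprint;
    if (uid >= 32)
        return -EINVAL;
    o->allowed_uids &= ~(1u << uid);
    do {
        if (new_fingerprint(&o->fingerprint))
            return -EIO;
    } while (o->fingerprint == old);
    return 0;
}
```

After obj_revoke(), a client that is still permitted also sees -ESTALE and has to go back through obj_lookup(), which is the disturbance to other clients described in the message.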
