Implementing the appearance of shared credentials to userspace requires
large amounts of code to be added in the threading libraries. The
addition of code here is reasonalbly small.
This patch is by no means complete or correct. It completely ignores
the credential sharing flag for now. It is just here to demonstrate the
combination of the two ideas. Please don't go applying it to anything
;)
I think that the core of what is needed is in the attached patch. Most
of what is left can be accomplished with s/->uid/->cred->uid/ and
s/->fsuid/->cred->vfscred->uid/
And, as Trond says:
> Unfortunately there's still a bit more to do. I need to get
> the file creation ops (i_op->create()/symlink()/mknod()/mkdir()) to
> take a vfs_cred* argument. If not, you risk having the
> inode->i_uid/i_gid set to values that differ from the ones checked by
> the calls to ->permission().
-- Dave Hansen haveblue@us.ibm.com- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/