Re: setuid vs. EROS constructor

l4-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: setuid vs. EROS constructor

From:	Jonathan S. Shapiro
Subject:	Re: setuid vs. EROS constructor
Date:	Thu, 13 Oct 2005 13:39:05 -0400

On Thu, 2005-10-13 at 14:42 +0200, Bas Wijnen wrote:
> > However: Bas has not taken the last step. If he digs a bit deeper he
> > will soon conclude that uids of any sort are a bad idea altogether.
> 
> I already concluded that, but we need them anyway.  We want to be mostly
> POSIX-compliant...

I think this statement is debatable. Certainly, we want to be
"compatible enough", but what that means seems unclear. The vast
majority of programs do not do anything at all with their UID. For these
programs, a library-implemented constant would suffice.

I'm not even convinced that the UID should live in a capability. If this
type of state exists at all, it should take the form of per-process
protected payload. We have gone back and forth about this in Coyotos. At
the present time, I *do* plan to include some amount of protected
payload in the process structure for experimental purposes.

shap

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Server granularity, (continued)

Prev by Date: Re: Chroot and ".."
Next by Date: Re: Chroot and ".."
Previous by thread: Re: setuid vs. EROS constructor
Next by thread: Re: setuid vs. EROS constructor
Index(es):
- Date
- Thread