Re: Design principles and ethics

l4-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Design principles and ethics

From:	Marcus Brinkmann
Subject:	Re: Design principles and ethics
Date:	Sun, 30 Apr 2006 22:40:46 +0200
User-agent:	Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.7 (Sanjō) APEL/10.6 Emacs/21.4 (i486-pc-linux-gnu) MULE/5.0 (SAKAKI)

At Sun, 30 Apr 2006 22:03:41 +0200,
Pierre THIERRY <address@hidden> wrote:
> 
> Scribit Tom Bachmann dies 30/04/2006 hora 21:21:
> > > /sbin/passwd requires the authority to write the password database,
> > > which the user does not have.
> > Wrong. In my proposal she has the authority because there is no real
> > ``password database''. There is just a file (say ~/.passwd) that
> > contains the hash of the users password.
> 
> So there is no /sbin/passwd, and it was not considered in the question,
> which about the program accessing a central password database (which I
> agree we should avoid if we can, but that is not the point).

A program that can access a central password database in write-mode is
_not_ confined.  It can be run as a system service that is accessed
through a capability, just like any other system service, if desired.

Thanks,
Marcus

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Design principles and ethics (was Re: Execute without read (was [...])), (continued)

Prev by Date: Re: How to add confinement to the Hurd?
Next by Date: Re: Design principles and ethics
Previous by thread: Re: Design principles and ethics
Next by thread: Re: Design principles and ethics
Index(es):
- Date
- Thread