From: "Ashwin Ganti" <ashwin.ganti@gmail.com>
To: weigelt@metux.de,
"Fans of the OS Plan 9 from Bell Labs" <9fans@9fans.net>
Cc: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu>
Subject: Re: [9fans] p9p/linux factotum port
Date: Tue, 6 May 2008 14:42:45 -0700 [thread overview]
Message-ID: <a67e66b20805061442v2698c1e3gdc35420b3ede778@mail.gmail.com> (raw)
In-Reply-To: <20080506202202.GB2013@nibiru.local>
On Tue, May 6, 2008 at 1:22 PM, Enrico Weigelt <weigelt@metux.de> wrote:
> * a@9srv.net <a@9srv.net> wrote:
>
> > http://plan9.bell-labs.com/iwp9/papers/13.p9auth.pdf
>
> cool, I wasn't aware of this. never ever seen a patch for
> the cap devices. does anyone have link ?
The device driver is in:
http://gsoc.cat-v.org/hg/lincapdevice/
The authentication server port is in:
http://gsoc.cat-v.org/hg/p9pauthsrv/
Although I still have to work on some feedback from Russ to get it
polished so that it can be made part of p9p.
>
> My decision for the *uid files (instead of cap devices) was
> because:
>
> a) more flexibilty (not only limited to factotum stuff)
> b) the kernel doesn't know of usernames.
That is one of the future improvements that I had listed in the paper.
"It would also be nice to have a user space mapping daemon that maps
the string user names and the integer
user ids. This daemon would be contacted by the kernel to resolve the
user names it
gets after parsing the capabilities written to the device files (by the
process and the host
owner's factotum)". I think NFS solves this in a similar way?
For the port I worked around by adding usernames as string equivalents
of uids (like "1001") which is ugly but can be avoided with this
daemon.
Check out the paper for details.
>
> So, IMHO, the cap handling should be done in userland.
Well, I feel it is more secure to have the kernel manage the
capabilities and do the actual identity change. We trust the kernel
(it is part of the TCB)
>
>
>
>
> cu
> --
> ---------------------------------------------------------------------
> Enrico Weigelt == metux IT service - http://www.metux.de/
> ---------------------------------------------------------------------
> Please visit the OpenSource QM Taskforce:
> http://wiki.metux.de/public/OpenSource_QM_Taskforce
> Patches / Fixes for a lot dozens of packages in dozens of versions:
> http://patches.metux.de/
> ---------------------------------------------------------------------
>
>
next prev parent reply other threads:[~2008-05-06 21:42 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-05-06 19:49 Enrico Weigelt
2008-05-06 19:55 ` erik quanstrom
2008-05-06 20:18 ` Roman Shaposhnik
2008-05-06 20:19 ` erik quanstrom
2008-05-06 21:01 ` Roman Shaposhnik
2008-05-06 19:56 ` Brian L. Stuart
2008-05-06 19:56 ` a
2008-05-06 20:22 ` Enrico Weigelt
2008-05-06 21:25 ` Charles Forsyth
2008-05-06 21:42 ` Ashwin Ganti [this message]
2008-05-07 15:33 ` Enrico Weigelt
2008-05-06 20:01 ` Eric Van Hensbergen
2008-05-06 20:03 ` ron minnich
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a67e66b20805061442v2698c1e3gdc35420b3ede778@mail.gmail.com \
--to=ashwin.ganti@gmail.com \
--cc=9fans@9fans.net \
--cc=9fans@cse.psu.edu \
--cc=weigelt@metux.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).