Date:      Fri, 15 Sep 2006 09:33:55 +0100
From:      Ceri Davies <ceri@submonkey.net>
To:        Robert Watson <rwatson@FreeBSD.org>
Cc:        arch@FreeBSD.org, trustedbsd-discuss@TrustedBSD.org
Subject:   Re: New in-kernel privilege API: priv(9)
Message-ID:  <20060915083355.GK93949@submonkey.net>
In-Reply-To: <20060913194559.U53301@fledge.watson.org>
References:  <20060913150912.J1823@fledge.watson.org> <20060913184115.GE93949@submonkey.net> <20060913194559.U53301@fledge.watson.org>

On Wed, Sep 13, 2006 at 09:28:24PM +0100, Robert Watson wrote:

> A couple of points:
>
> First, the system present in Solaris is, in effect, a variant of some draft
> of POSIX.1e (or possibly vice versa), albeit with differently named
> constants. All the comments I made regarding POSIX.1e apply to it.
> Specifically, the priv(9) kernel API offers much more fine-grained
> assignment of rights relating to system administration, etc, corresponding
> specifically to the set of privileges defined in our kernel.

Agreed.

> Second, privileges(5) describes an alternative privilege model exposed to
> userspace, whereas the work I've described is an in-kernel API for
> privilege checking.  It doesn't imply (or, for that matter, implement) a
> change in the OS privilege model, although clearly it would facilitate
> doing that in the future.  Since priv(9) is not an application API, it's
> not clear that application portability is an immediate concern.

That's the difference I was looking for, thanks.

> I think it's useful to compare the Solaris privilege set, and also consider
> whether in the future we want to adopt a privilege model along similar
> lines. However, given that the privilege models across various UNIX and
> non-UNIX systems are all similar and yet completely different, I'm not sure
> that being similar and yet different from Solaris is particularly a problem
> -- more, say, than being similar but different from IRIX, Linux, Windows,
> etc.

True enough.  Thanks.

Ceri
-- 
That must be wonderful!  I don't understand it at all.
                                                  -- Moliere
