Date: Wed, 17 Jun 2009 15:43:05 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 164592 for review Message-ID: <200906171543.n5HFh5jg088470@repoman.freebsd.org>
index | next in thread | raw e-mail
http://perforce.freebsd.org/chv.cgi?CH=164592 Change 164592 by rwatson@rwatson_fledge on 2009/06/17 15:42:07 Update sys_capability.c comments. Affected files ... .. //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#25 edit Differences ... ==== //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#25 (text+ko) ==== @@ -36,21 +36,21 @@ * * Each capability is represented as a file descriptor, but unlike * traditional file descriptors, capabilities include a fine-grained and - * monotonically decreasing mask of rights associated with them. + * constant mask of rights associated with them. * - * Capabilities wrap other actual object file descriptors, forwarding the - * implementation of operations to underlying object if they are permitted by - * the mask. When one capability is created from another, rather than - * nesting, we directly reference the underlying object but with a new mask, - * rather than referencing the previous capability. + * Capabilities wrap other actual object file descriptors -- system calls + * declare the rights they require when looking up file descriptors. * - * XXXRW: See the global TODO for things that need to be done. + * When one capability is created from another, rather than nesting, we + * directly reference the underlying object but with a new mask, rather than + * referencing the previous capability. New capabilities will have the same + * set or a subset of rights of the capability they are derived from. */ #include "opt_capabilities.h" #include <sys/cdefs.h> -__FBSDID("$P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#24 $"); +__FBSDID("$P4: //depot/projects/trustedbsd/capabilities/src/sys/kern/sys_capability.c#25 $"); #include <sys/param.h> #include <sys/capability.h>help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906171543.n5HFh5jg088470>