From: Ceri Davies
To: Robert Watson
Cc: arch@FreeBSD.org, trustedbsd-discuss@TrustedBSD.org
Date: Wed, 13 Sep 2006 19:41:16 +0100
Subject: Re: New in-kernel privilege API: priv(9)
Message-ID: <20060913184115.GE93949@submonkey.net>
In-Reply-To: <20060913150912.J1823@fledge.watson.org>

On Wed, Sep 13, 2006 at 03:29:14PM +0100, Robert Watson wrote:

> What does this all mean in practice? It means replacing suser(9) and
> suser_cred(9) with calls that express the specific privilege being checked
> for. I took the most straight forward possible implementation: I reviewed
> all privilege checks in the kernel, identified all identical privileges and
> categorized all privileges by subsystem. I then assigned unique numeric
> constants to each unique privilege, and added a privilege identifier
> argument to the two new functions, priv_check(9) and priv_check_cred(9).

Is this wilfully different from the privileges(5) model in Solaris 10
(http://docs.sun.com/app/docs/doc/816-5175/6mbba7f3b?a=view) ? It seems
that there would be some benefit in having at least a minimal common API
and set of privilege names, not least to help with issues such as that
raised in http://issues.apache.org/bugzilla/show_bug.cgi?id=34671.

Having only just started to look over your work, I'll be happy to be put
straight if we're talking about completely different things, but on the
surface they're looking very similar.

Ceri

-- 
That must be wonderful! I don't understand it at all.
                                                  -- Moliere