Date: Tue, 30 Aug 2005 17:32:52 +0400 (MSD) From: Michael Bushkov <bushman@rsu.ru> To: Dan Nelson <dnelson@allantgroup.com> Cc: Jacques Vidrine <nectar@freebsd.org>, freebsd-hackers@freebsd.org, Doug Barton <dougb@freebsd.org>, Brooks Davis <brooks@freebsd.org>, freebsd-current@freebsd.org Subject: Re: [PATCH] caching daemon release and nsswitch patches Message-ID: <20050830172127.E5409@stinger.cc.rsu.ru> In-Reply-To: <20050829163025.GA25664@dan.emsphone.com> References: <20050827170633.Y5409@stinger.cc.rsu.ru> <43123F3B.8070002@FreeBSD.org> <20050829115740.N5409@stinger.cc.rsu.ru> <20050829163025.GA25664@dan.emsphone.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 29 Aug 2005, Dan Nelson wrote: We can't ensure that, I guess. In the upcoming version (before the 1st of September), the cache would be per-user. This would solve all the security problems. In a little while, I'll implement the ability for cached to act as nscd. So you'll be able to choose the behaviour. > In the last episode (Aug 29), Michael Bushkov said: >> There is some information in my project's description here: >> http://wikitest.freebsd.org/moin.cgi/NsswitchAndCachingTechnicalDetails > > One question that comes to mind: > > It looks like the end-user application is still responsible for > performing nss lookups. How do you ensure that one user can't poison > the cache and cause problems for other users? Could cached do all nss > operations itself (making it more like nscd in other OSes)? > > -- > Dan Nelson > dnelson@allantgroup.com > With best regards, Michael Bushkov Rostov State University
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050830172127.E5409>