Date: Mon, 19 Sep 2011 08:50:04 -0300 From: Gonzalo <gonzalo.a.r@gmail.com> To: Julian Elischer <julian@freebsd.org> Cc: Tijl Coosemans <tijl@coosemans.org>, freebsd-threads@freebsd.org Subject: Re: thread impersonation Message-ID: <CA%2B02-EGJEq%2BP6SQ5T3uTe-kJ112dMazrWURFDzypWVWUAwzGPA@mail.gmail.com> In-Reply-To: <4E755D84.7080103@freebsd.org> References: <CA%2B02-EGUyKuCeRVoy36u2Ubnu7JJxvXtFzp3FzCFEGdNd-DGgQ@mail.gmail.com> <201109171520.09423.tijl@coosemans.org> <CA%2B02-EEOXcuNwjFMMS-6_Z0MB3kG2SAg5SOFq2KUx1wG0Tn75w@mail.gmail.com> <4E755D84.7080103@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
What i'm trying to achieve is a program like NFS. Users will connect to this program and navigate the virtual filesystem. Each connection is a thread, and I need to impersonate them for the user associated to each connection, if I use setuid, all thread in the process would be impersonated. In Linux I achieved that using "setfsid" but that doesn't exists here in FreeBSD Thanks Gonzalo 2011/9/17 Julian Elischer <julian@freebsd.org> > On 9/17/11 11:51 AM, Gonzalo wrote: > >> So, as a imagined, is not possible a thread impersonation on FreeBSD? >> >> 2011/9/17 Tijl Coosemans<tijl@coosemans.org> >> > I'm not quite sure what you are trying to achieve, and why. > each thread DOES have its own credentials but the kernel/unix spec defines > them to all be the same user.. > It MIGHT be possible for a thread spawned before a seteuid() to keep some > of the credentials of the prior ID > but I haven't looked.. Nor do I know how that would be used.. usually UID > tests are made on the PROCESS > credentials and not the thread credentials (which exist for other reasons). > >> On Monday 12 September 2011 21:31:03 Gonzalo wrote: >>> >>>> I'm new in freeBSD and I'm looking a way to impersonate threads in >>>> >>> FreeBSD. >>> >>>> In Linux I did that with setfsuid, but that only work in linux and is >>>> not >>>> portable :( >>>> >>> There's seteuid(2) or setuid(2) which are portable. They change the uid >>> of >>> the entire process though, not per thread. >>> >>> I saw that in FreeBSD there is Jails, that could work? Is possible to >>>> >>> create >>> >>>> a Jail for every new thread and "impersonate the Jail"? Maybe I'm saying >>>> things without sense :( >>>> >>> A jail is a form of virtualisation. It's not related to what you're >>> trying >>> to do. You can read more about jails in the handbook: >>> http://www.freebsd.org/doc/en_**US.ISO8859-1/books/handbook/** >>> jails-intro.html<http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/jails-intro.html>; >>> >>> ______________________________**_________________ >> freebsd-threads@freebsd.org mailing list >> http://lists.freebsd.org/**mailman/listinfo/freebsd-**threads<http://lists.freebsd.org/mailman/listinfo/freebsd-threads>; >> To unsubscribe, send any mail to "freebsd-threads-unsubscribe@** >> freebsd.org <freebsd-threads-unsubscribe@freebsd.org>" >> >> >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2B02-EGJEq%2BP6SQ5T3uTe-kJ112dMazrWURFDzypWVWUAwzGPA>