[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: alternative: port server?
|
From: |
Marcus Brinkmann |
|
Subject: |
Re: alternative: port server? |
|
Date: |
Tue, 13 May 2003 16:56:17 +0200 |
|
User-agent: |
Mutt/1.5.3i |
On Tue, May 13, 2003 at 04:30:42PM +0200, Moritz Schulte wrote:
> Marcus Brinkmann <address@hidden> writes:
>
> > L4 makes the actual sender available to the receiving thread.
>
> Question: doesn't this fact make our auth handshake protocol kind of
> obsolete?
I am not sure. It's true that the handshake protocol is not necessary if
you think of task privileges. The server can identify a sending thread
(task) securely, and thus could contact the proc server or whoever to get
the unix user IDs of the task.
However, in the Hurd we are more flexible. A task can reauthenticate an io
object. In that sense, user IDs (really: authentication tokens) are bound
to objects and not to tasks. This is useful in many applications.
It's not self evident to me that you could completely replace the auth
protocol with something that is done unilaterally by the server and still
keep all the flexibility. OTOH, the main usage of the sender id is to
verify that the sender is permitted to use the object at all, and what the
PID of the sender is (for obscure POSIX features).
Thanks,
Marcus
--
`Rhubarb is no Egyptian god.' GNU http://www.gnu.org address@hidden
Marcus Brinkmann The Hurd http://www.gnu.org/software/hurd/
address@hidden
http://www.marcus-brinkmann.de/
- alternative: port server?, Marcus Brinkmann, 2003/05/13
- Re: alternative: port server?, Moritz Schulte, 2003/05/13
- Re: alternative: port server?,
Marcus Brinkmann <=
- Re: alternative: port server?, Neal H. Walfield, 2003/05/13
- Re: alternative: port server?, Marcus Brinkmann, 2003/05/13
- Re: alternative: port server?, Neal H. Walfield, 2003/05/13
- Re: alternative: port server?, Marcus Brinkmann, 2003/05/13
- Re: alternative: port server?, Neal H. Walfield, 2003/05/13