Subject: Re: $HOSTALIASES thing.
To: NetBSD Security Technical Discussion List <tech-security@NetBSD.ORG>
From: Greg A. Woods <email@example.com>
Date: 11/03/2000 19:13:03
[ On Friday, November 3, 2000 at 17:34:35 (-0500), Thor Lancelot Simon wrote: ]
> Subject: Re: $HOSTALIASES thing.
> I think you miss the point. When I say that I don't like the idea of
> implementing zillions of special purpose "uid"s, it is in the context
> of the previous proposal that we add a "fsuid" as we have an "euid", a
> "ruid", and in some Unices a "saved set-user id".
Ah yes, I did. sorry -- I took that only in the context of "IDs" in
general, not in the specific context of credentials stored in the kernel.
> I have no quibble
> with doling privilege out to different user IDs to restrict its scope;
yes, then we agree on this external to the kernel issue....
> I *do* have a serious quibble with the half-baked notion of a "uid for
> filesystem purposes", a "uid for network purposes" and so forth. If you
> really want to go *there*, a capability model would serve the same
> purpose much better, I think.
So do I -- in the intended context I agree with you entirely!
(I'm not sure that's the right direction to go in for a unix-compatible
system since it changes the model *way* too much, but that's a different
Greg A. Woods
+1 416 218-0098 VE3TCP <firstname.lastname@example.org> <robohack!woods>
Planix, Inc. <email@example.com>; Secrets of the Weird <firstname.lastname@example.org>