Subject: Re: Querying an userland program from the kernel
To: None <tech-kern@NetBSD.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
Date: 01/25/2004 03:30:03
>>> [U]sing sockets for kernel/userland messages makes a lot of sense.
>> It does.
> Socket interfaces are fine, but they are not convenient to delegate
> to unprivileged users.
They are if they are properly designed. For example...
> A character device, however, you can "chmod 600 /dev/dev0 ; chown
> dyoung /dev/dev0".
Yes. Now, if an ioctl on /dev/dev0 takes as (part of?) its argument
one of a pair of connected sockets, taking over that socket as the
kernel end of the communication, then you have the flexible access
control of a device with the interface utility of a socket.
I would have thought the rest of my note described what I did in
sufficient detail to make this clear. (The project I worked on didn't
use a character device, but that was because of the nature of the
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML email@example.com
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B