Subject: Re: CVS commit: src/sys/kern
To: YAMAMOTO Takashi <firstname.lastname@example.org>
From: Elad Efrat <elad@NetBSD.org>
Date: 06/14/2006 09:18:24
YAMAMOTO Takashi wrote:
> although it's definitely better than CURTAIN or abusing KAUTH_PROCESS_CANSEE,
> i'm not sure if it's a good idea.
I'm thinking we need a generic way of checking if object with 'cred1'
can access object with 'cred2'.
Alternatively, we could have these cases in their respective (to-be)
scopes -- either fileop, vnode, network, whatever.
What do you think?
> i'm not even sure if abusing fp->f_cred here is a good idea.
Is there a choice?
> IMO, performing I/O and "cansee" are very different.
Maybe add a KAUTH_PROCESS_IOPERM?