tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: converting uid/gid to abstract credentials

On 11.01-17:01, Elad Efrat wrote:
[ ... ]
> >as i said i'm in the early stages and need more time put something
> >coherent together.  i wish to unify user/process credentials under a
> >single type but have that type of variable length/size such that
> >group IDs may be 16 bit length, whilst user IDs may be 32 and other
> >credentials, capabilities, authorization, may be other lengths.
> >this isn't essential i'm just abstracting in my head.
> >
> >in short, i'll get back to you on this.
> User/process credentials are already unified under a single opaque
> type -- kauth_cred_t.
> Take a look at the kauth(9) man-page, especially the "Credential Private
> Data" part.

i believe we're mis-understanding each other as i was not talking
about the credentials structure but _a_ credentials' data type.

however, it's been overtaken by the fact that i was unaware that netbsd
already had a complete modular security architecture (i thought it
was only a basic authorization framework) and avoiding the need to
rip one out was the main reason i avoided the freebsd kernel for my
project.  thanks again for the pointer, i'll need to review my planning
and expectations.


Home | Main Index | Thread Index | Old Index