tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Opencomm: proplib-based syscall

David Young wrote:
On Tue, Apr 28, 2009 at 10:54:06PM +0300, Elad Efrat wrote:
On Tue, Apr 28, 2009 at 10:19 PM, Andrew Doran <> wrote:
Sorry but I don't like this either.

- It's a new name space and a new channel when we already have reasonable
?ones in place.
I disagree. The file-system namespace is limited to the traditional
Unix permission bits when setting access control. The sysctl namespace
is a mess on that aspect as well (unless you want to introduce a
handler for each node). The syscall namespace is numbers, it's not
really a "namespace".

To my mind, a namespace is a system of identifiers such as UNIX
pathnames, sysctl dotted names, SNMP OIDs, ISBN, or the Dewey Decimal
System.  It is not a system of access permissions.  I think that this is
what Andrew had in mind, too.

You may use a namespace to identify the discrete things that access
permissions may adhere to.  I don't think that either the sysctl or
filesystem namespace are particularly limiting for that purpose.

Access permissions need to be attached somehow to a name in a namespace
in order for them to be enforced when that name is accessed.

The only access permissions you can set on a filename are the
traditional Unix permission bits. I wrote fileassoc(9) especially to
somewhat relieve you from that annoyance (and not be limited to one
file-system implementation). Sysctl has different ways you can "attach"
things to a node, but the point is that it's not something the interface


Home | Main Index | Thread Index | Old Index