[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Vnode scope implementation
On Thu, Jul 16, 2009 at 07:39:15PM +0300, Elad Efrat wrote:
> David Young wrote:
>> Isn't it hard to know that the design of kauth(9) and the placement of
>> the hooks is correct for anybody's purposes---Apple's, NetBSD's, yours,
>> mine---when you do not use the API for anything?
> How is the API not in use? what do you think implements "root" and
> "securelevel" for several years now? :)
Sorry if it wasn't clear from the context, but I was asking about the
>> I have a feeling that I am not only one who is anxious to see the
>> kauth(9) pay-off in a compelling security demonstration or two.
> Okay. At the moment, NetBSD uses kauth(9) to implement the traditional
> security model it always had: root and securelevel.
But that is just maintaining the status quo. Is that such a big
> Other work using kauth(9) is bad@'s gaols (jails), which you can see
> and agc@'s role-based access controls, which you should be able to see
> soon. Here's an abstract:
A paper and an abstract do not a compelling security demonstration make!
David Young OJC Technologies
dyoung%ojctech.com@localhost Urbana, IL * (217) 278-3933
Main Index |
Thread Index |