Re: Vnode scope implementation

To: elad%NetBSD.org@localhost
Subject: Re: Vnode scope implementation
From: yamt%mwd.biglobe.ne.jp@localhost (YAMAMOTO Takashi)
Date: Mon, 3 Aug 2009 23:07:44 +0000 (UTC)

hi,

> Oh, I thought that was a given because we don't control the kernel of
> another computer (a similar issue exists with Veriexec, see
> veriexec(9)'s caveats section, "remote file-systems").

yes, it's one of the reasons i don't like veriexec. :-)

> but IIUC it can prevent what the
> remote file-system would allow

sometimes it can, but in general it can't.

1. a client sends a request to a server.
2. the server decided to allow the operation, and actually process it,
  and return the result to the client.

ie. you don't have a chance to pass "fs_decision" to kauth.

> Should we enforce that
> limitation on all file-systems, or make remote file-systems an
> exception? Veriexec sets a precedent of the latter, which I think
> makes sense. Do you have something else in mind?

i'm not sure if "remote file-systems or not" is a good classification
method.

YAMAMOTO Takashi

> 
> Thanks,
> 
> -e.

Follow-Ups:
- Re: Vnode scope implementation
  - From: Elad Efrat

References:
- Re: Vnode scope implementation
  - From: Elad Efrat

Prev by Date: Re: kernel_lock, splbio() and SMP_SAFE
Next by Date: Re: Vnode scope implementation
Previous by Thread: Re: Vnode scope implementation
Next by Thread: Re: Vnode scope implementation
Indexes:

Home | Main Index | Thread Index | Old Index