Addition to kauth(9) framework

To: tech-kern%NetBSD.org@localhost
Subject: Addition to kauth(9) framework
From: Aleksey Cheusov <cheusov%tut.by@localhost>
Date: Sat, 27 Aug 2011 20:51:38 +0300

I'd like to apply the attached patch.
It implements two things:

- chroot(2)-ed process is given new kauth_cred_t with reference count
  equal to 1.
- New id KAUTH_CRED_CHROOT is added to kauth(9) credentials scope
  which is used when chroot(2) or fchroot(2) is called.

This two things allows to implement things like securechroot(9) secmodel
described here

  http://mail-index.netbsd.org/tech-kern/2011/07/09/msg010903.html

After commiting this patch I'll move the rest of securechroot(9)
to pkgsrc until it is ready to be integrated into the kernel.

Objections?

-- 
Best regards, Aleksey Cheusov.

Follow-Ups:
- Re: Addition to kauth(9) framework
  - From: Aleksey Cheusov
- Re: Addition to kauth(9) framework
  - From: YAMAMOTO Takashi
- Re: Addition to kauth(9) framework
  - From: Aleksey Cheusov

Prev by Date: Re: panic with 5.99.55 starting postgres
Next by Date: Re: Addition to kauth(9) framework
Previous by Thread: panic with 5.99.55 starting postgres
Next by Thread: Re: Addition to kauth(9) framework
Indexes:

Home | Main Index | Thread Index | Old Index