tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Addition to kauth(9) framework

On Mon, Aug 29, 2011 at 02:36:04PM +0200, Aleksey Cheusov wrote:
> If sender (chroot(2)) cares about unsharing kauth_cred_t
> structure, all listeners will set their data without any problem provided 
> that kauth_key_t keys they use
> are different. Key uniqueness is garanteed by
> kauth_register_key.

I'm sorry, I'm very likely still missing some important detail:

this sounds to me as if we have to choose here between the sender
distributing individual unshared credentials to every receiver (I
thought kauth would handle the messaging?), which means every receiver
gets its own copy, but those lack modifications done by previous
receivers - or if the receiver does the unsharing, its modifications
will get lost if we have multiple receivers.

Both options sound wrong to me, what did I misunderstand?



Home | Main Index | Thread Index | Old Index