[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Addition to kauth(9) framework
>> If all listerners unshare kauth_cred_t *unconditionally*, we lost data
>> set by kauth_cred_setdata. As I said later there is a workaround
>> (kauth_cred_getrefcnt or kauth_cred_copy) but I don't like it.
> why don't you like it?
I cannot imagine applications for KAUTH_CRED_CHROOT other than adding
some information to kauth_cred_t, e.g. root directory, chroot serial
number or something equivalent for some purposes. So, a code for
unsharing kauth_cred_t should *always* be called by *all*
listerers/modules before modification. In my opinion this adds
unnecessary overcomplication for no benefits (unsharing credentials in
chroot(2) unconditionally cannot cause performance degradation). This is
why I think it's better and easier to unshare it in one place, that is
Best regards, Aleksey Cheusov.
Main Index |
Thread Index |