tech-security: Re: kauth and access to process credentials

Subject: Re: kauth and access to process credentials
To: Thor Lancelot Simon <tls@rek.tjls.com>
From: David Laight <david@l8s.co.uk>
List: tech-security
Date: 02/18/2007 15:59:36

On Sun, Feb 18, 2007 at 10:34:02AM -0500, Thor Lancelot Simon wrote:
> On Sun, Feb 18, 2007 at 02:10:23PM +0000, David Laight wrote:
> > The kauth code seems to be full of wrapper functions.
> > 
> > In particular every peice of code that needs to look at one of the
> > process's uids ends up calling a function.
> > This might be reasonable for LKMs, but for code that is linked into the
> > main kernel image rather OTT.
> > 
> > Of course, this involves making the structure in kauth_impl.h publicly
> > visible :-)
> 
> I actually prefer that access to UIDs be opaque in this way and think
> it's a useful architectural feature of kauth.
> 
> Why don't we put the accessor functions in a header file and make them
> inline?

Or #defines, I have no problem with that.

	David

-- 
David Laight: david@l8s.co.uk