New in-kernel privilege API: priv(9)
Ceri Davies
ceri at submonkey.net
Fri Sep 15 01:34:00 PDT 2006
On Wed, Sep 13, 2006 at 09:28:24PM +0100, Robert Watson wrote:
> A couple of points:
>
> First, the system present in Solaris is, in effect, a variant of some draft
> of POSIX.1e (or possibly vice versa), albeit with differently named
> constants. All the comments I made regarding POSIX.1e apply to it.
> Specifically, the priv(9) kernel API offers much more fine-grained
> assignment of rights relating to system administration, etc, corresponding
> specifically to the set of privileges defined in our kernel.
Agreed.
> Second, privileges(5) describes an alternative privilege model exposed to
> userspace, whereas the work I've described is an in-kernel API for
> privilege checking. It doesn't imply (or, for that matter, implement) a
> change in the OS privilege model, although clearly it would facilitate
> doing that in the future. Since priv(9) is not an application API, it's
> not clear that application portability is an immediate concern.
That's the difference I was looking for, thanks.
> I think it's useful to compare the Solaris privilege set, and also consider
> whether in the future we want to adopt a privilege model along similar
> lines. However, given that the privilege models across various UNIX and
> non-UNIX systems are all similar and yet completely different, I'm not sure
> that being similar and yet different from Solaris is particularly a problem
> -- more, say, than being similar but different from IRIX, Linux, Windows,
> etc.
True enough. Thanks.
Ceri
--
That must be wonderful! I don't understand it at all.
-- Moliere
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/trustedbsd-discuss/attachments/20060915/469f6f88/attachment.pgp
More information about the trustedbsd-discuss
mailing list