>>>>> " " == Luca Barbieri <ldb@ldb.ods.org> writes:
> But you'll need to modify the declaration of the various
> function pointers whose implementations might need credentials
> and modify all functions that call them and deal with
> permissions. Instead with my proposal the credentials are
Yes... And this is a useful activity in itself, as the existence of
all these hacks that temporarily change uid/gid/whatever... show.
> automatically immutable across the syscall without needing to
> worry at all about locks, counts and sharing.
I still have no opinion about your proposal for implementing CLONE_CRED.
What I fail to see is why you appear to insist it would be
incompatible with the idea of copy-on-write VFS credentials (which I
explained are interesting for other purposes).
I also fail to understand why you insist that we need to drop the idea
of copy-on-write credentials in order to optimize for this fringe case
in which somebody calls sys_access() or exec with euid != fsuid.
Now repeat after me
"changing fsuid/fsgid is *not* the common case that needs optimization."
Trond
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Sat Sep 07 2002 - 22:00:14 EST