> Briefly, an extended file handle is a global index, all processes get
> handles out of this single space. To implement access rights you place an
> extra field in each file structure, call it file_access_right. Each
> process also has a file_access_right, they have to compare equal for the
> handle's use to be permitted. exec() causes a new file_access_right to be
> selected. fork() uses the same file_access_right (to set up exec),
> clone() uses the same file_access_right.
This could perhaps be done using the existing semantics where instead of
having one global table, have a two layer approach. So you do a lookup on
descriptor(fd,pid) and then use that as a lookup into a global table.
That hopefully wouldn't be too expensive, although could be excessively
large.
-cw
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu