Re: Vnode scope implementation

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: <tech-kern@...>

Date: Tuesday, July 21, 2009 - 12:29 pm

On Tue, Jul 21, 2009 at 12:25:37AM +0300, Elad Efrat wrote:

quoted text> David Young wrote:

>> On Thu, Jul 16, 2009 at 07:39:15PM +0300, Elad Efrat wrote:

>>> David Young wrote:

>>>

>>>> Isn't it hard to know that the design of kauth(9) and the placement of

>>>> the hooks is correct for anybody's purposes---Apple's, NetBSD's, yours,

>>>> mine---when you do not use the API for anything?

>>> How is the API not in use? what do you think implements "root" and

>>> "securelevel" for several years now? :)

>>

>> Sorry if it wasn't clear from the context, but I was asking about the

>> vnode scope.

>

> In that case your question makes very little sense, given the subject

> of this thread is the vnode scope back-end. In other words, no hooks are

> added, so you can't tell if their placement is correct or not.
The question stands, how do you know that the design of anything in

kauth(9) is correct until you use it for something?
>> But that is just maintaining the status quo.  Is that such a big

quoted text>> pay-off?

>

> I think your assertion is wrong, but I also think we have different

> definitions of what a big pay-off would be. Could you please state

> what a big pay-off would be, from your point of view?
It would be a big improvement if a user could run any process with the

least privileges that he thought the process needed to do its job, and

if he could read from the kernel a reliable list of the privileges that

any process was running with.
>> A paper and an abstract do not a compelling security demonstration make!

quoted text>

> Same question as above -- could you elaborate on what a compelling

> security demonstration would be, from your point of view?
To start with, it would be runnable code!
Dave
--

David Young             OJC Technologies

dyoung@ojctech.com      Urbana, IL * (217) 278-3933

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Vnode scope implementation, Elad Efrat, (Sat Jul 4, 1:14 pm)

Re: Vnode scope implementation, Alan Barrett, (Sat Jul 4, 3:12 pm)

Re: Vnode scope implementation, Alan Barrett, (Sun Jul 5, 6:47 am)

Re: Vnode scope implementation, Martin Husemann, (Sun Jul 5, 5:16 am)

Re: Vnode scope implementation, Marc Balmer, (Sat Jul 4, 1:52 pm)

Re: Vnode scope implementation, Elad Efrat, (Sat Jul 4, 2:15 pm)

Re: Vnode scope implementation, Matthew Mondor, (Sat Jul 4, 3:17 pm)

Re: Vnode scope implementation, Elad Efrat, (Sat Jul 4, 3:29 pm)

Re: Vnode scope implementation, David Holland, (Sat Jul 4, 1:38 pm)

Re: Vnode scope implementation, Elad Efrat, (Sat Jul 4, 2:08 pm)

Re: Vnode scope implementation, David Holland, (Sun Jul 5, 5:21 pm)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 5, 6:15 pm)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Thu Jul 16, 10:10 am)

Re: Vnode scope implementation, Elad Efrat, (Thu Jul 16, 11:44 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Sun Jul 19, 3:32 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 19, 8:00 am)

Re: Vnode scope implementation, David Holland, (Sun Jul 5, 6:53 pm)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 5, 10:02 pm)

Re: Vnode scope implementation, David Holland, (Fri Jul 10, 4:33 am)

Re: Vnode scope implementation, Elad Efrat, (Fri Jul 10, 7:06 am)

Re: Vnode scope implementation, Elad Efrat, (Mon Jul 13, 4:27 am)

Re: Vnode scope implementation, Elad Efrat, (Thu Jul 16, 8:06 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Thu Jul 16, 10:12 am)

Re: Vnode scope implementation, Andrew Doran, (Thu Jul 16, 6:06 pm)

Re: Vnode scope implementation, David Young, (Thu Jul 16, 12:19 pm)

Re: Vnode scope implementation, Elad Efrat, (Thu Jul 16, 12:39 pm)

Re: Vnode scope implementation, Christoph Badura, (Sun Jul 26, 8:07 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 26, 9:38 am)

Re: Vnode scope implementation, David Young, (Mon Jul 20, 1:02 pm)

Re: Vnode scope implementation, Elad Efrat, (Mon Jul 20, 5:25 pm)

Re: Vnode scope implementation, David Young, (Tue Jul 21, 12:29 pm)

Re: Vnode scope implementation, Elad Efrat, (Tue Jul 21, 2:06 pm)

Re: Vnode scope implementation, David Holland, (Wed Jul 22, 8:31 pm)

Re: Vnode scope implementation, Elad Efrat, (Wed Jul 22, 9:12 pm)

Re: Vnode scope implementation, David Holland, (Wed Jul 22, 10:16 pm)

Re: Vnode scope implementation, Elad Efrat, (Thu Jul 16, 12:10 pm)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Sun Jul 19, 3:34 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 19, 7:53 am)

Re: Vnode scope implementation, Thor Lancelot Simon, (Sun Jul 19, 9:47 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 19, 9:54 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Sun Jul 19, 8:49 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 19, 8:58 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Wed Jul 22, 4:05 am)

Re: Vnode scope implementation, Elad Efrat, (Wed Jul 22, 6:46 am)

Re: Vnode scope implementation, David Holland, (Wed Jul 22, 8:40 pm)

Re: Vnode scope implementation, der Mouse, (Thu Jul 23, 6:08 am)

Re: Vnode scope implementation, David Holland, (Fri Jul 24, 11:46 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Wed Jul 22, 7:05 am)

Re: Vnode scope implementation, Elad Efrat, (Wed Jul 22, 8:18 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Sun Jul 26, 10:51 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 26, 10:55 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Mon Aug 3, 7:07 pm)

Re: Vnode scope implementation, Elad Efrat, (Mon Aug 3, 11:19 pm)

Re: Vnode scope implementation, Elad Efrat, (Thu Aug 20, 9:52 pm)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Fri Aug 21, 6:19 am)

Re: Vnode scope implementation, Marc Balmer, (Fri Aug 21, 6:26 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Fri Aug 21, 6:32 am)

Re: Vnode scope implementation, Marc Balmer, (Fri Aug 21, 7:17 am)

Re: Vnode scope implementation, Elad Efrat, (Fri Aug 21, 11:11 am)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Sun Aug 23, 11:15 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Aug 23, 2:31 pm)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Tue Aug 25, 11:43 am)

Re: Vnode scope implementation, Elad Efrat, (Tue Aug 25, 2:06 pm)

Re: Vnode scope implementation, YAMAMOTO Takashi, (Tue Aug 25, 4:00 pm)

Re: Vnode scope implementation, Marc Balmer, (Tue Aug 25, 4:18 pm)

Re: Vnode scope implementation, Elad Efrat, (Fri Aug 28, 3:58 pm)

Re: Vnode scope implementation, Elad Efrat, (Tue Aug 25, 4:18 pm)

Re: Vnode scope implementation, David Holland, (Sun Jul 19, 4:17 pm)

Re: Vnode scope implementation, David Holland, (Sun Jul 19, 4:19 pm)

Re: Vnode scope implementation, Marc Balmer, (Sun Jul 19, 9:07 am)

Re: Vnode scope implementation, Elad Efrat, (Sun Jul 19, 9:30 am)

Re: Vnode scope implementation, Marc Balmer, (Sun Jul 19, 9:32 am)

Re: Vnode scope implementation, Christoph Egger, (Sat Jul 4, 1:45 pm)

Re: Vnode scope implementation, David Laight, (Sat Jul 4, 6:24 pm)

Re: Vnode scope implementation, Matthew Mondor, (Sat Jul 4, 6:52 pm)

Re: Vnode scope implementation, Elad Efrat, (Sat Jul 4, 2:09 pm)


linux-kernel:
Dave Hansen	Re: [RFC/PATCH] Documentation of kernel messages
Bart Van Assche	Integration of SCST in the mainstream Linux kernel
Amit K. Arora	[RFC] Heads up on sys_fallocate()
David Newall	Re: Slow DOWN, please!!!
git:

linux-netdev:
Gerrit Renker	[PATCH 27/37] dccp: Integration of dynamic feature activation - part 2 (server side)
Corey Minyard	[PATCH 3/3] Convert the UDP hash lock to RCU
Frans Pop	svc: failed to register lockdv1 RPC service (errno 97).
Jarek Poplawski	[PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
openbsd-misc: