On Sun, Apr 30, 2006 at 07:57:00PM +0200, Tom Bachmann wrote:
> > I wasn't replying to "what about /bin/passwd?", but to "what about setuid
> > programs?", which seemed to be what he meant.
>
> OK. Are there any setuid binaries we want? To my view, setuid is just a
> unix invention to circumvent the very coarse grained access control.

It is, but our version wouldn't give a whole uid (really a session, as your shell has), but only specific capabilities. The idea is the same though: the user may be permitted to use certain capabilities only through trusted programs. Device drivers are an example. They advertise themselves to the user by delivering a capability in the terminal that the user logs on to. This isn't a capability to the actual hardware, but only to some program which controls that capability for you (in a restricted way).

It is likely that all setuid programs will really end up being continuously running servers that you can call. That's one of the good things of a persistent system. It wouldn't really be doable to set all that up at boot time on a non-persistent system, and it would cost too many resources. None of these is a problem with persistence (and processes which get completely paged out).

Thanks,
Bas

--
I encourage people to send encrypted e-mail (see http://www.gnupg.org).
If you have problems reading my e-mail, use a better reader.
Please send the central message of e-mails as plain text in the message body, not as HTML and definitely not as MS Word.
Please do not use the MS Word format for attachments either.
For more information, see http://129.125.47.90/e-mail.html
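The driver arrangement described in the message above, as a toy Python model added here (not code from the thread or from the L4-hurd project): a long-running driver server keeps the hardware to itself and places only a restricted capability in the user's terminal. All names, the volume policy and the revocation on log-off are assumptions made for illustration, and Python closures only model the isolation a real capability system enforces.

```python
"""Toy model: a driver server holds the hardware; users get only a facet."""

class Revoked(Exception):
    pass

def start_driver(registers):
    """Long-running driver server (hypothetical). `registers` stands in for
    the raw hardware capability, which never leaves this closure."""
    live = set()  # sessions whose capability is still valid

    def deliver_to(terminal):
        """Advertise the driver by placing a capability in `terminal`."""
        sid = object()
        live.add(sid)

        def set_volume(level):
            # The only operation the driver performs on the user's behalf.
            if sid not in live:
                raise Revoked("capability revoked")
            if not 0 <= level <= 100:
                raise ValueError("volume out of range")
            registers["volume"] = level
            return registers["volume"]

        terminal["audio"] = set_volume
        return lambda: live.discard(sid)  # revoker (assumption: used at log-off)

    return deliver_to

def demo():
    registers = {"volume": 10, "dma_base": 0xDEAD0000}  # constructed sample state
    deliver_to = start_driver(registers)
    terminal = {}                 # capabilities visible to the logged-in user
    revoke = deliver_to(terminal)
    cap = terminal["audio"]
    results = [cap(40)]           # allowed: mediated by the driver
    try:
        cap(1000)                 # refused by the driver's own policy
    except ValueError:
        results.append("rejected")
    revoke()                      # user logs off
    try:
        cap(20)
    except Revoked:
        results.append("revoked")
    results.append(registers["dma_base"] == 0xDEAD0000)  # never reachable via cap
    return results
```
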
