Darren J Moffat wrote:
> James Carlson wrote:
>> It'd be an interesting idea for testing, but I think it'd actually be
>> counter-productive to do this. The problem is that the actual privilege
>> enforcement (and thus the effects of each privilege bit) are hard-coded
>> into the kernel itself. There's no good way to replicate that logic out
>> into a user-space wrapper so that the code somehow 'knows' whether a
>> given system call should have succeeded give a privilege set.
>
> Also for privilege debugging it shouldn't be necessary. This is what
> the "Privilege Debug Mode" is for see ppriv(1). For the cases where
> that isn't sufficient or accurate then the Sun Blueprint
> "Privilege Debugging in the Solaris 10 Operating System"[1] is useful.
>
> [1] http://www.sun.com/blueprints/0206/819-5507.pdf
>
> Not that I'm biased by being a co-author on the above blueprint, but I
> think that is a better way of dealing with privilege debugging that
> attempting to do a "fakeroot" for privileges which by its very nature
> of being upstream will rot and be wrong.
>
> It will also be even more of an issue if/when FMAC makes its way into
> OpenSolaris distributions.
>
> Having said all that I have no problem with fakeroot being delivered.
> I would have possible issues if I see OpenSolaris originated projects
> wanting to depend on fakeroot.
Agreed. Do you want to derail the case to generate an opinion to this
effect?
- Garrett
