POSIX fine. But if POSIX gets hung up because *BSD doesn't have kernel support
for thread level creds and *bsd.org doesn't want to do it, we just do what fits
today's requirements and what Linux is capable of,
Jim
--
Jim Lieb
Linux Systems Engineer
Panasas Inc.
---
On Thursday, March 27, 2014 12:45:30 Andy Lutomirski wrote:
> On Thu, Mar 27, 2014 at 12:30 PM, Jim Lieb wrote:
> > Rather than inline, I'm responding in the context of Jeremy's comments but
> > I have to answer others as well. It is Jeremy after all who
> feels wrong. It *isn't* an fd, you can't read/write/poll
> on it, and it's only done as a convenience to get the
> close-on-exec semantics and the fact that the creds are
> already hung off the fd's in kernel space.
>
> I'd rather any creds call use a di
On Saturday, November 02, 2013 01:07:59 Tetsuo Handa wrote:
> Jim Lieb wrote:
> > On Friday, November 01, 2013 22:24:12 Tetsuo Handa wrote:
> > > Jim Lieb wrote:
> > > > Subsequent uses look like:
> > > > use_creds(cached fd);
> > > &
On Friday, November 01, 2013 22:24:12 Tetsuo Handa wrote:
> Jim Lieb wrote:
> > Subsequent uses look like:
> > use_creds(cached fd);
> >
> > followed by
> >
> > open/creat/mknod/write
> >
> > followed by
> >
> > u
On Thursday, October 31, 2013 12:48:54 Andy Lutomirski wrote:
> On Thu, Oct 31, 2013 at 12:43 PM, Jim Lieb wrote:
> > On Thursday, October 31, 2013 12:09:08 Andy Lutomirski wrote:
> >> On Thu, Oct 24, 2013 at 1:24 PM, Jim Lieb wrote:
> >> > On Thursday, October 24,
On Thursday, October 31, 2013 12:09:08 Andy Lutomirski wrote:
> On Thu, Oct 24, 2013 at 1:24 PM, Jim Lieb wrote:
> > On Thursday, October 24, 2013 12:28:15 Andy Lutomirski wrote:
> >> On Wed, Oct 23, 2013 at 10:59 PM, Eric W. Biederman
> >>
> >> wrote:
> &
cipient.
I am not sure I understand this. CMSG only applies to UNIX_DOMAIN sockets
which means that the switch_creds fd test still applies here. It is
identification but only for within the same kernel. As for namespaces, the
translation was done when the creds fd was created. I suppose
> > be used to escape from no_new_privs land.
>
> Which is why I was suggesting that we don't allow changing any field in
> the cred except for uids and gids.
Yes. Which is why in my original patch I pass a user_creds structure that
only has the fsuid, fsgid, and altgroups. T
not require a capability check because
all that can happen is to return to the immutable real set. Also, I don't
need the initial open of /dev/null.
Does this fit?
Jim
--
Jim Lieb
Linux Systems Engineer
Panasas Inc.
"If ease of use was the only requirement, we would all be riding tri
This is a temporary number awaiting syscall number assignment.
Signed-off-by: Jim Lieb
---
arch/x86/syscalls/syscall_32.tbl | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/syscalls/syscall_32.tbl b/arch/x86/syscalls/syscall_32.tbl
index aabfb83..b836839 100644
--- a/arch/x86/syscalls
hitecturally
dependent in this syscall so when appropriate, numbers can be assigned.
Please review and comment to me. The code fragments above are from my
test program.
Regards,
Jim Lieb
NFS Ganesha project
subsequent operations for that client more efficient.
Signed-off-by: Jim Lieb
---
include/linux/cred.h | 15
include/linux/syscalls.h | 2 +
kernel/sys.c | 175 +++
kernel/sys_ni.c | 3 +
4 files changed, 195 insertions
This is temporary while waiting for syscall number assignment.
Signed-off-by: Jim Lieb
---
arch/x86/syscalls/syscall_64.tbl | 1 +
1 file changed, 1 insertion(+)
diff --git a/arch/x86/syscalls/syscall_64.tbl b/arch/x86/syscalls/syscall_64.tbl
index 38ae65d..f46b75c 100644
--- a/arch/x86