
Re: Questions

From: Bas Wijnen
Subject: Re: Questions
Date: Mon, 01 Nov 2004 10:14:42 +0100
User-agent: Mozilla Thunderbird 0.8 (X11/20040926)

Sam Mason wrote:
> An interesting discussion then becomes how do we determine the
> permissions of everything?  We probably don't want remote users to be
> able to talk to whatever device was just plugged in.  But I guess this
> isn't anything of great immediate interest as it should be easy to
> leave this sort of policy till much later.

This problem is already solved in the Hurd on Mach. The actual device drivers are translators on files. A translator can only be started by the owner of a file. By default, users will only follow translators owned by themselves or root. If you want to use someone else's translator, you have to specifically say so, otherwise you end up accessing the file it connects to.

This is especially important for root, who doesn't want to risk executing user code every time an operation on untrusted files is performed. The programs are still executed by the running user, which is root.


Attachment: signature.asc
Description: OpenPGP digital signature
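
A small model of the follow rule described in the message above, added here as an example; it is not Hurd code and not part of the original post. The struct and function names are hypothetical, uid 0 stands for root, and the translator's owner is taken to be the file's owner because only the owner can start one.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h>

/* Constructed model of a file node; not a Hurd data structure. */
struct node {
    uid_t owner;          /* file owner, hence also the translator's owner */
    bool has_translator;  /* a translator is attached to this file */
};

enum lookup_result { UNDERLYING_FILE, TRANSLATOR };

/* What the looking-up user is willing to follow (hypothetical). */
struct follow_policy {
    uid_t self;             /* uid performing the lookup */
    const uid_t *opted_in;  /* other owners the user explicitly named */
    size_t n_opted_in;
};

static bool owner_trusted(const struct follow_policy *p, uid_t owner)
{
    if (owner == 0 || owner == p->self)   /* default: root or yourself */
        return true;
    for (size_t i = 0; i < p->n_opted_in; i++)
        if (p->opted_in[i] == owner)      /* explicit opt-in */
            return true;
    return false;
}

/* An untrusted translator is not followed: the lookup yields the file itself. */
enum lookup_result resolve(const struct follow_policy *p, const struct node *n)
{
    if (!n->has_translator || !owner_trusted(p, n->owner))
        return UNDERLYING_FILE;
    return TRANSLATOR;
}

int main(void)
{
    struct node user_file = { 1000, true };      /* constructed sample */
    struct follow_policy root = { 0, NULL, 0 };
    printf("root on uid 1000's translator: %s\n",
           resolve(&root, &user_file) == TRANSLATOR ? "follows" : "underlying file");
    return 0;
}
```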
