Re: Desktop Kernel Stuff
- From: Seth Nickell <snickell stanford edu>
- To: Carlos Perelló Marín <carlos gnome org>
- Cc: gnome-hackers gnome org
- Subject: Re: Desktop Kernel Stuff
- Date: Wed, 09 Jul 2003 14:25:35 -0700
Carlos Perelló Marín wrote:

> On Wed, 09-07-2003 at 22:43, Seth Nickell wrote:
> [...]
> > 2) User Extensible Metadata in ext3!!! It seems like this is on the
> > verge of happening (maybe it already happened?), perhaps we could give
> > it an extra push.
>
> The actual kernel 2.5 has ACLs implemented so there is already the
> Extensible metadata extension because they use it for ACLs :-)

Awesome, I didn't know if that had landed yet.

> [...]
> > 1) A revised permissions system that allows processes to acquire
> > multiple permission "tokens" à la the HURD..... so that they can run with
> > multiple users' permissions. This would allow things like the mouse
> > preference page to run as the normal user, but if you changed one of the
> > settings that requires root, we could prompt you for the root password,
> > pick up root permissions, do the work, then drop the token. Or, in
> > Nautilus, if you try to copy a file you don't have permission for we
> > could let you authenticate as root or the owner of the file, do the
> > work, and then drop the permissions. I imagine the usefulness of this is
> > not restricted to desktop apps but could be used so that, e.g., moddav
> > could run as nobody, but when you log in to it, authenticate as you so
> > that you can access your homedir through WebDAV (oops, guess that was
> > another desktop application... :-)
>
> Perhaps it's already there as a standard that Linux && BSD implement
> http://www.kernel.org/pub/linux/libs/security/linux-privs/old/doc/linux-privs.html/linux-privs.html
> I'm not sure of the level of implementation for that standard because it
> seems to be dead :-?

Hmm.... well just scanning the document I didn't see what we needed
unless it would have been in the unwritten section on "Task/Process
credentials" :-)

-Seth