dynamic /bin /sbin
Peter da Silva
peter-dragonfly at taronga.com
Fri Jul 25 14:57:14 PDT 2003
Robert Watson wrote:
> In a system oriented more around light-weight IPC, isolating those
> components makes a lot of sense to me. However, one of the big problems I
> keep bumping into in OS X, from a security perspective, is a lack of a
> trustworthy IPC namespace -- this will likely keep biting them in various
> forms. Given the discussion here of improving the IPC infrastructure for
> a more message-passing oriented system, I hope the benefits of a
> hierarchal and security-aware IPC namespace won't be lost. :-)
Ah yes, using native dragonfly syscall style messages to implement
IPC via LWKT messages gives us a place to at least start dealing
with the security aspects of these things. I don't want to have to
start packaging cryptographic tokens with ALL messages to identify
the owners: you should just be able to ask the OS "who owns this VM
object I was just handed? Should I be writing SECRETSTUFF into it?".