dynamic /bin /sbin

Peter da Silva peter-dragonfly at taronga.com
Fri Jul 25 14:57:14 PDT 2003


Robert Watson wrote:
In a system oriented more around light-weight IPC, isolating those
components makes a lot of sense to me.  However, one of the big problems I
keep bumping into in OS X, from a security perspective, is a lack of a
trustworthy IPC namespace -- this will likely keep biting them in various
forms.  Given the discussion here of improving the IPC infrastructure for
a more message-passing oriented system, I hope the benefits of a
hierarchal and security-aware IPC namespace won't be lost.  :-)

Ah yes, using native dragonfly syscall style messages to implement
IPC via LWKT messages gives us a place to at least start dealing
with the security aspects of these things. I don't want to have to
start packaging cryptographic tokens with ALL messages to identify
the owners: you should just be able to ask the OS "who owns this VM
object I was just handed? Should I be writing SECRETSTUFF into it?".
