bug-hurd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cmp: the port comparison server


From: Carl Fredrik Hammar
Subject: Re: cmp: the port comparison server
Date: Wed, 17 Jun 2009 09:12:10 +0200
User-agent: Mutt/1.5.18 (2008-05-17)

Hi,

On Mon, Jun 15, 2009 at 01:24:05AM +0200, address@hidden wrote:
> On Wed, Jun 10, 2009 at 01:49:02PM +0200, Carl Fredrik Hammar wrote:
> 
> > I've been making some progress code-wise with libmob.  In particular I
> > have written a working server for secure comparison of ports.
> 
> Actually, I'm not sure where the comparision server fits in, in view of
> certain conclusions from the recent IRC discussions?...

The current plan is for the sender to give the dependencies if the
receiver holds its task port.  cmp will be used to prove this.  The sender
can send an arbitrary PID to the receiver, so if the receiver simply
gave the task port it got from proc to the sender, it could result in
privilege escalation for the sender.

> > Mostly so that I don't feel the need to follow commit conventions and
> > such, and continue to just ``go for it''.
> 
> As long as you consider you branch to be inofficial, you can do whatever
> you want -- it really doesn't matter whether you branched it from the
> Hurd repository, or build it standalone. The former is more convenient
> though IMHO.

I'll consider switching to a branch.  How do I go about this in practice
when the Hurd's repository is in migration limbo?  Initialize a git
repository with a CVS checkout?

> > For now I use 1234000 as the subsystem number.
> 
> I'm not sure what numbers new subsystems should use. It seems that the
> existing subsystems are below 100000, where a reserved range begins.
> (For ioctls IIRC.) I guess new subsystems should go below the reserved
> range, though technically putting them above the end of the reserved
> range probably also works...

The ioctl range ends at 164200 and the highest subsystem over that is
888888.  I'm well above either, so I should be `safe'.  I think I'll
wait to change it until I put it in the Hurd, and then I'll just pick
the next free subsystem number after the normal subsystems.

> > I based the translator on password originally, since it also is a
> > trivial translator whose main interface isn't IO.  So currently I
> > state this as well in the relevant copyright notices.  But this code
> > is similar to a lot of other trivfs translators, has diverged, and it
> > is only a small portion of the actual functionality.  With that in
> > mind is it really necessary to state that in the copyright?  (It is
> > also based on auth, but here I believe attribution is in order.)
> 
> As the copyright holder is the same, it's not really necessary to state
> where the code came from at all.

What about the copyright years?

Regards,
  Fredrik




reply via email to

[Prev in Thread] Current Thread [Next in Thread]