[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: the deadly hypercube of death, or: handling permissions

From: Marcus Brinkmann
Subject: Re: the deadly hypercube of death, or: handling permissions
Date: Thu, 27 Apr 2006 15:02:47 +0200
User-agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.7 (Sanjō) APEL/10.6 Emacs/21.4 (i486-pc-linux-gnu) MULE/5.0 (SAKAKI)

At Thu, 27 Apr 2006 14:42:41 +0200,
Pierre THIERRY <address@hidden> wrote:
> > I have considered that before, storing a read and/or write capability
> > in each directory slot.
> > 
> > It's worth thinking about, if only to see what can break :)
> I'm not sure anything breaks, so let's try to find something.

Also, what about extensibility?  If I add a new object type with its
own permission bits, support for it would have to implemented in the
whole tool chain (directories, glibc etc) while if we embed the
permissions directly in a capability, the extra permission bits are
just forwarded transparently.

This can be seen as an advantage as well as a disadvantage of course,
because you may want the middle layers to be aware of the permission
bits.  Not sure.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]