
Re: setpag switch for afslog?

*wistful sigh*

I don't suppose anyone has thought about making the MacOSX client use
Mach Security contexts as PAGs?  (Since the hack used to implement
them on other Unixes doesn't work on OSX.)

At 9:55 AM -0600 2/23/04, Douglas E. Engert wrote:
>So the question to the AFS developers is:
>    Is the use of the ktc_SetToken(...,setpag) to set the PAG of a parent
>    going to continue to be supported in the future? Or should it be 
>Love wrote:
>>  Andrei Maslennikov <andrei@caspur.it> writes:
>>  > Would it be possible to support similar functionality in Heimdal
>>  > ("-setpag" switch, or function, or both)? It would simplify many
>>  > things.
>>  Yes, --setpag should be very possible. However, can the people that propose
>>  using this tell afs implementors that it's secure to do?
>>  I have not implemented --setpag functionality in arla because I'm not sure
>>  it's secure. Modifying the parent(s) of a process seems like a recipe for
>>  disaster unless it's done very carefully.
>As you point out this is strange, a process modifying its parent. Considering
>all the discussion on Linux 2.6 kernel mods, maybe this should be dropped.
>I have also seen problems with it on some systems in the past.
>But it has proved to be very handy. Doing a klog -setpag user modifies the
>parent shell. (I know pagsh;klog could do something similar.)
>The one other place this is useful is that no AFS libs need to be linked
>to a daemon which needs to set a pag. This avoids conflicts and allows
>daemons to be built that can support AFS if it's available. (PAM can also
>address this if the daemon uses PAM.)

The opinions expressed in this message are mine,
not those of Caltech, JPL, NASA, or the US Government.
Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu