[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [OpenAFS-devel] Re: MEMORY credential cache interop betweenHeimdal and MIT?



On Thu, 30 Aug 2007 13:24:32 -0700
Howard Chu <hyc@highlandsun.com> wrote:

> But if 
> you're going to the trouble of writing kernel code to implement it, do it 
> right. E.g., walking up the process tree when someone issues an ioctl on a 
> device is not going to give reliable answers. The ccache handles have to live 
> in the process' user struct so they are implicitly copied at fork() time.

As long as you replace "ccache handles" with "data handles" I completely
agree that implicit copy at fork() time is ideal. I'll take that into
consideration when I research the actual implementation but there are
obvious pragmatic problems with the idea. For one, there's no way to ship
a package that works with an existing kernel. You would have to wait
until kernels accepted the changes. That could take years. Or maybe
there's a way to register objects to be associated with the process
structure and copied at fork() time.

Mike

-- 
Michael B Allen
PHP Active Directory Kerberos SSO
http://www.ioplex.com/