
Re: Login shell (was: Small Bug)



Norbert Nemec <nobbi@cheerful.com> writes:

> The fourth permission set, on the other hand, is a very specific
> solution for a specific problem. Instead of generalizing the concept
> of users and permissions in any way, this solution looks more like a
> quick hack at a point where the developers did not have a
> revolutionary idea.

There's actually an idea behind this that might be "revolutionary", at
least compared to Unix. On Unix, each process has a current uid
(except for some privileged processes that can have a saved and an
effective uid and generally switch back and forth to any uid they
like).

On Hurd, a process can have any non-negative number of uid:s. A single
uid might be the common case, but su can add other uids to a process
while it's running. And processes with no uid:s at all (the login
shell being just one example) are also possible.

Now, when a process with n uid:s tries to open a file, you have to
figure out if it is authorized to do that. If the process has some
uids and gids, the process's rights are the union of the rights of
each uid and gid.

But what about the empty case: processes with no uids at all? There are
at least three alternatives: Deny all accesses. Or apply the
"other"-bits, as if the process actually had some random unrelated uid
(say, guest or nobody). Or add some extra bits to let the owner of the
file choose the behaviour.

(I hope I got the details right. I've been following the lists for a
while, but I haven't read or written the code).

/Niels
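
The access decision described in the message above, modelled in C as an added example; it is not part of the original post and is not Hurd code. The struct, the names, the reading of "union" (each uid contributes the owner set if it matches and the "other" set otherwise, each matching gid adds the group set) and the treatment of the empty case as "no uids" are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>

enum { R = 4, W = 2, X = 1 };                 /* rwx bits of one permission set */
enum empty_policy { DENY_ALL, USE_OTHER, USE_FOURTH_SET };

struct file_perm {                            /* hypothetical model, not a Hurd struct */
    unsigned owner, group;
    unsigned user_bits, group_bits, other_bits;
    unsigned nouid_bits;                      /* fourth set: for processes with no uids */
};

/* Rights a process holding the given uid and gid sets has on file f. */
unsigned effective_rights(const struct file_perm *f,
                          const unsigned *uids, size_t nuids,
                          const unsigned *gids, size_t ngids,
                          enum empty_policy policy)
{
    unsigned rights = 0;
    size_t i;

    if (nuids == 0) {                         /* the empty case from the message */
        switch (policy) {
        case USE_OTHER:      return f->other_bits;
        case USE_FOURTH_SET: return f->nouid_bits;
        default:             return 0;        /* DENY_ALL */
        }
    }
    for (i = 0; i < nuids; i++)               /* union over every uid held */
        rights |= (uids[i] == f->owner) ? f->user_bits : f->other_bits;
    for (i = 0; i < ngids; i++)               /* a matching gid adds the group set */
        if (gids[i] == f->group)
            rights |= f->group_bits;
    return rights;
}

/* Constructed sample: owner uid 1000, gid 100, sets rwx / r-x / --x, fourth set r--. */
static const struct file_perm sample_dir = { 1000, 100, R|W|X, R|X, X, R };

int main(void)
{
    const unsigned both[] = { 2000, 1000 };   /* e.g. after su added uid 1000 */
    printf("uids {2000,1000}: %u\n",
           effective_rights(&sample_dir, both, 2, NULL, 0, DENY_ALL));
    printf("no uids, fourth set: %u\n",
           effective_rights(&sample_dir, NULL, 0, NULL, 0, USE_FOURTH_SET));
    return 0;
}
```

With the fourth set, the file's owner decides what a uid-less process such as the login shell may do, independently of the "other" bits.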

