Subject: Re: $HOSTALIASES thing.
To: NetBSD Security Technical Discussion List <tech-security@NetBSD.ORG>
From: Greg A. Woods <woods@weird.com>
List: tech-kern
Date: 11/03/2000 19:13:03
[ On Friday, November 3, 2000 at 17:34:35 (-0500), Thor Lancelot Simon wrote: ]
> Subject: Re: $HOSTALIASES thing.
>
> I think you miss the point.  When I say that I don't like the idea of 
> implementing zillions of special purpose "uid"s, it is in the context
> of the previous proposal that we add a "fsuid" as we have an "euid", a
> "ruid", and in some Unices a "saved set-user id".

Ah yes, I did.  Sorry -- I took that only in the context of "IDs" in
general, not in the specific context of credentials stored in the kernel.

>  I have no quibble
> with doling privilege out to different user IDs to restrict its scope;

Yes, then we agree on this external-to-the-kernel issue....

> I *do* have a serious quibble with the half-baked notion of a "uid for
> filesystem purposes", a "uid for network purposes" and so forth.  If you
> really want to go *there*, a capability model would serve the same
> purpose much better, I think.

So do I -- in the intended context I agree with you entirely!

(I'm not sure that's the right direction to go in for a unix-compatible
system since it changes the model *way* too much, but that's a different
question altogether.)

-- 
							Greg A. Woods

+1 416 218-0098      VE3TCP      <gwoods@acm.org>      <robohack!woods>
Planix, Inc. <woods@planix.com>; Secrets of the Weird <woods@weird.com>