Hi, Just wondering how people would feel about adding VL_WhoAmI
I'm encountering a number of situations where I would like the cache manager to be able to obtain the vice ID associated with a given set of credentials in a secure manner. Sadly, just passing the vice ID in from user space (as we do currently with rxkad) isn't particularly elegant, doesn't scale to alternative token types, and is vulnerable to use spoofing. The main use case that I'm considering for this at present is for reconstructing ACLs in disconnected mode following a reboot, but I suspect that there are other applications. It will also make it easier to print meaningful debug messages about token ownership. I suspect this will end up looking like a cut down version of the PR_WhoAmI RPC that Jeffrey proposed back in 2007 - we literally only need the viced in this situation. I don't want to directly use PR_WhoAmI, as it would add a dependency between cache manager and ptserver that doesn't currently exist. Thoughts? Simon. _______________________________________________ AFS3-standardization mailing list [email protected] http://michigan-openafs-lists.central.org/mailman/listinfo/afs3-standardization
