On Wed, 2007-05-09 at 17:53 +0200, Thomas Schwinge wrote:
> Now, how about the following: we have a server sitting on
> `/servers/machine' (or somewhere else) that accepts rpcs like
> `io_perm_create' or `memory_map_create' and ``forwards'' (it need not
> really be forwarding) them to the kernel after having done some
> permission checking. That server would hold access to the device-master
> port (and host-priv as well?), so it could also -- being a proxy -- allow
> access to (e.g.) `i386_io_perm_create' to users that can't get such
> access by themselves, but can prove that they should be allowed such
> access. Proving this might be something like: ``When you're a member of
> the `console' group, you're allowed to get access to the i/o ports that
> deal with video output and to the video memory.''

I think this is roughly the right structure, sounds good. I don't much like the name /servers/machine; so let's figure out something better. Names like that persist forever, so it's actually more important than it might seem to get them right from the get-go.

Thomas
_______________________________________________
Bug-hurd mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/bug-hurd
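
Added example, not part of the original message or of any Hurd code: a sketch of the permission check such a proxy server could run before asking the kernel for an I/O port range on a caller's behalf. The function name, the policy table and the gid for the `console' group are assumptions made for illustration; the port window is the standard VGA register range, and the gid list is assumed to come from the caller's authenticated identity, never from the request itself.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical policy entry: members of `gid` may be granted the
   inclusive I/O port range [from, to]. */
struct io_grant { uint32_t gid; uint16_t from, to; };

#define GID_CONSOLE 100u   /* constructed gid for the `console' group */

/* Constructed policy table: the standard VGA register window. */
static const struct io_grant policy[] = {
    { GID_CONSOLE, 0x3B0, 0x3DF },
};

/* Return true only if the whole requested range lies inside a single
   grant held by one of the caller's groups.  Partial overlap is denied,
   so a caller cannot widen a grant by asking for a straddling range. */
bool io_request_allowed(const uint32_t *gids, size_t ngids,
                        uint16_t from, uint16_t to)
{
    if (from > to)                      /* reject inverted ranges */
        return false;
    for (size_t p = 0; p < sizeof policy / sizeof policy[0]; p++) {
        if (from < policy[p].from || to > policy[p].to)
            continue;                   /* not fully contained */
        for (size_t g = 0; g < ngids; g++)
            if (gids[g] == policy[p].gid)
                return true;            /* proxy may now ask the kernel */
    }
    return false;                       /* default deny */
}

int main(void)
{
    uint32_t user[] = { 1000, GID_CONSOLE };   /* constructed caller */
    printf("0x3c0-0x3cf: %d\n", io_request_allowed(user, 2, 0x3C0, 0x3CF));
    printf("0x3a0-0x3c0: %d\n", io_request_allowed(user, 2, 0x3A0, 0x3C0));
    return 0;
}
```

Because the proxy holds the device-master port, this check is the entire access boundary for its callers, which is why it denies by default and refuses any range that is not wholly covered by one grant.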
