Oystein Viggen <[EMAIL PROTECTED]> writes: > Combined with some kind of capabilities support, this could prove quite > a versatile (and did I mention cool ;) security feature for the hurd, > though.
Capabilites seem easy enough. This is how... Let's look at the ftpd example. You create a server/translator which, when asked, tries to create a socket, bind it to port 20, and return it. It could even take a hostname or ip-address as argument and connect before returning the socket, if that's desirable. Obviously that server has to run with some extra privileges. Now, you start the ftpd with something like rmauth /real/ftpd </your/capabilities/server The ftpd server gets started with no userids. However, it inherits an open fd associated with a port that lets it bind port 20. Any capability could be implemented in a similar way. The "algebra" described in the "Ode to the granovetter diagram" paper would apply. There may be some better way to create and inherit the port than to bind it to the stdin fd. /nisse
