Neal H Walfield <[EMAIL PROTECTED]> writes:

> An application sends a message to a server; jump into kernel.  Mr. Kernel
> says, is this ok to do?  Hmm, I need to check with Mr. Auth server, in user
> land.

Umh, no.  The kernel does not do anything special with the auth
server; it is just another task.  Instead, user-level processes
prove their rights to each other using the auth server.  Servers
also remember the privileges of their clients so that the auth
server doesn't have to be called unless the privileges change.

Each client has a send right to a port; the server has receive
rights for all those ports.  When a client sends a request, the
server sees which port it came through and then checks the
privileges associated with that port to see whether the request
should be fulfilled.

If the client gets new uids, it uses io_reauthenticate and
auth_user_authenticate to let the server know about its new
privileges.  I'm not familiar with the details.
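
The scheme described in this message, as an added toy model in C (not Hurd code and not part of the original post): the server caches a uid per client port, decides each request from the arrival port alone, and contacts the auth server only on reauthentication. Matching the two calls through a shared rendezvous id, updating the port's entry in place, and every function name are assumptions of the model.

```c
/* Added toy model: small ints stand in for Mach ports; every name is hypothetical. */
#include <stdio.h>

#define MAX_PORTS 8
#define NO_UID (-1)

static int rendezvous_uid[MAX_PORTS]; /* auth server: uid vouched for per rendezvous */
static int port_uid[MAX_PORTS];       /* file server: uid cached per client port */

static int in_range(int i) { return i >= 0 && i < MAX_PORTS; }

static void model_init(void) {
    for (int i = 0; i < MAX_PORTS; i++) rendezvous_uid[i] = port_uid[i] = NO_UID;
}

/* Client -> auth server (the auth_user_authenticate step): the auth server
   knows the caller's uid itself and records it under the rendezvous id. */
static void auth_user_side(int rendezvous, int callers_uid) {
    if (in_range(rendezvous)) rendezvous_uid[rendezvous] = callers_uid;
}

/* Server -> auth server: fetch and consume the uid tied to a rendezvous. */
static int auth_server_side(int rendezvous) {
    if (!in_range(rendezvous)) return NO_UID;
    int uid = rendezvous_uid[rendezvous];
    rendezvous_uid[rendezvous] = NO_UID;  /* one-shot: cannot be replayed */
    return uid;
}

/* Client -> server (the io_reauthenticate step): the server asks the auth
   server who stands behind the rendezvous and caches that for the port. */
static int server_reauthenticate(int port, int rendezvous) {
    int uid = auth_server_side(rendezvous);
    if (!in_range(port) || uid == NO_UID) return -1;  /* nobody vouched */
    port_uid[port] = uid;
    return 0;
}

/* Ordinary request: decided from the uid cached for the arrival port only.
   The message carries no identity and the auth server is not consulted. */
static int server_write(int port, int file_owner_uid) {
    return in_range(port) && port_uid[port] != NO_UID && port_uid[port] == file_owner_uid;
}

int main(void) {
    model_init();
    auth_user_side(1, 1000);
    server_reauthenticate(3, 1);
    printf("own file: %d, root's file: %d\n", server_write(3, 1000), server_write(3, 0));
    return 0;
}
```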
