Thank you for that clarification.
-Neal
On Sat, Apr 08, 2000 at 11:21:20PM +0300, Kalle Olavi Niemitalo wrote:
> Neal H Walfield <[EMAIL PROTECTED]> writes:
>
> > An application sends a message to a server; jump into kernel. Mr. Kernel
> > says, is this ok to do? Hmm, I need to check with Mr. Auth server, in user
> > land.
>
> Umh, no. The kernel does not do anything special with the auth
> server; it is just another task. Instead, user-level processes
> prove their rights to each other using the auth server. Servers
> also remember the privileges of their clients so that the auth
> server doesn't have to be called unless the privileges change.
>
> Each client has a send right to a port; the server has receive
> rights for all those ports. When a client sends a request, the
> server sees which port it came through and then checks the
> privileges associated with that port to see whether the request
> should be fulfilled.
>
> If the client gets new uids, it uses io_reauthenticate and
> auth_user_authenticate to let the server know about its new
> privileges. I'm not familiar with the details.
--
----------------------------------------------------------------------------
Neal Walfield [EMAIL PROTECTED]
UMass Lowell - Fox 1512 Phone: 978-934-5347
Fax: 603-415-3645
Love is the triumph of imagination over intelligence.
-- H. L. Mencken
