porting CCAPI to UNIX

Nicolas Williams Nicolas.Williams at sun.com
Wed May 9 17:08:08 EDT 2007


On Wed, May 09, 2007 at 05:00:23PM -0400, Ken Raeburn wrote:
> On May 9, 2007, at 15:44, Ken Hornstein wrote:
> >> Unless someone's going to implement cross-session ptrace restrictions
> >> and the like, there's little point in trying to do enforced
> >> isolation.
> >
> > I understand that line of reasoning ... but exactly how far do you want
> > to take that logic?
> 
> Perhaps I misspoke: I don't think it's worthwhile to invest  
> significant effort or runtime cost or complexity in making it hard  
> for one process to access the credentials of another process under  
> the same uid, if ptrace and /proc are still going to get around the  
> restrictions easily.

I agree.

> If someone is going to invest serious effort in isolation of sessions  
> from one another, then yes, ccache access should be done too.

I think the ability to have per-session ccaches follows from being able
to have cross-session process isolation (the reverse, OTOH, is not
true), provided that there is some identifier for the session.

Nico