DragonFly kernel List (threaded) for 2003-08
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]
Re: Buffer overflow?
:Also, I am not sure about the possiblity or the viability of what I am
:about to suggest; that is, things like ACLs should be done as an overlay
:over a file system, just like Quotas and the ability to make arbitrary
:file systems volumes as root file systems. So it would be like:
:
: [ UFS ] -> [ ACL-FS ] -> FS visibility (w/ ACLs)
:
:So then, supposingly, a VFS entry-point exists that can be used by the
:filesystem for storing the ACL information somewhere, be it on-disk, or
:temporarily in memory (depending on what type of file system it is
:ofcourse).
:
:Ofcourse, adding ACL support to userland utilities is just a different
:ball-game altogether. :-)
:
:Cheers.
:
:--
:Hiten Pandya
It's even easier then that.
mount(... option to request ACLs)
{
port = openvfs(ufs ... )
if ((flags & WANTACLS) && doio(query ACL capabilities) == ENOTSUP) {
port = overlay_acl(port);
}
if ((flags & WANTQUOTAS) && doio(query quota capabilities) == ENOTSUP) {
port = overlay_quota(port);
}
etc...
}
There would be 'system standard' APIs that the system is able to guarentee
to userland, like ACLs, QUOTAs, even things like transactions (the
overlay would generate a separate transactional log and validate the
underlying filesystem from it after a reboot).
The actual overlay code would simply shim the port... multiple overlays
would only use one shim with a subsystem switch on the message command,
like this:
overlay_acl(oldport)
{
newport = allocport(sizeof(overlay_shimport))
newport->ov_fsport = oldport;
newport->ov_port.mp_beginmsg = overlay_port_beginmsg;
return(newport);
}
int
overlay_port_beginmsg(port, msg)
{
subsystem = msg->ms_cmd >> 24
return((overlay_subsystem_ary[subsystem])(port->ov_fsport, msg));
}
In otherwords, it wouldn't be slow.
-Matt
Matthew Dillon
<dillon@xxxxxxxxxxxxx>
[
Date Prev][
Date Next]
[
Thread Prev][
Thread Next]
[
Date Index][
Thread Index]
