>One idea I've toyed with is adding a bitmask to the system calls and another
>bitmask to the process.  A process could only invoke system calls if
>((proc->p_mask & s->s_mask) != 0).
>For your scenario, the msg_connect() system call should be disabled.  The
>process could then walk down current mount points, but could not access new
>servers.  Other possibilities are disabling fork()/tfork()/clone() (perhaps
>a couple others).  This would create an execution environment in which a
>process could serve requests but not much else.
why not let the servers themselves do the authentication, a la 
the 9p? as in the message set
        Tauth
        Rauth
erik
Received on Wed Mar 15 05:02:32 1995
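
A user-space model of the mask check from the quoted proposal, added here as an example and not code from either poster. The mask bits, the table contents, sys_check() and the one-way proc_restrict() are assumptions of the example; only the (p_mask & s_mask) != 0 test and the system call names msg_connect, fork, tfork and clone come from the message.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical mask bits; the post names no specific classes. */
enum { M_FILE = 1u << 0, M_CONNECT = 1u << 1, M_PROC = 1u << 2 };

struct sysent { const char *s_name; uint32_t s_mask; };
struct proc   { uint32_t p_mask; };

/* Constructed table: calls named in the post plus two file calls. */
static const struct sysent sysent[] = {
    { "open",        M_FILE },
    { "read",        M_FILE },
    { "msg_connect", M_CONNECT },
    { "fork",        M_PROC },
    { "tfork",       M_PROC },
    { "clone",       M_PROC },
};
#define NSYSENT (sizeof sysent / sizeof sysent[0])

/* The test from the post: allowed iff the masks share at least one bit. */
static int sys_allowed(const struct proc *p, const struct sysent *s)
{
    return (p->p_mask & s->s_mask) != 0;
}

/* Dispatch gate: 0 if the call may proceed, -1 if unknown or masked. */
static int sys_check(const struct proc *p, const char *name)
{
    for (size_t i = 0; i < NSYSENT; i++)
        if (strcmp(sysent[i].s_name, name) == 0)
            return sys_allowed(p, &sysent[i]) ? 0 : -1;
    return -1;
}

/* Assumption of this example: masks can only be narrowed, never widened,
 * so a restricted process cannot hand itself the bits back. */
static void proc_restrict(struct proc *p, uint32_t keep)
{
    p->p_mask &= keep;
}

int main(void)
{
    struct proc srv = { M_FILE | M_CONNECT | M_PROC };
    proc_restrict(&srv, M_FILE);   /* serve requests, nothing else */
    return (sys_check(&srv, "read") == 0 &&
            sys_check(&srv, "msg_connect") == -1) ? 0 : 1;
}
```

Because the test is an any-bit match, a system call tagged with more than one bit stays callable as long as the process keeps any one of them.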