greg@cantuar.UUCP (G. Ewing) (04/20/89)
A few more wild ideas: * The basis element for name lookups should be fd2 = lookup(fd1,pathname_element) sort of like the Mac vrefnum/filename concept. Build your own namei()! Have fun inventing brave new pathname syntaxes! (Want your system to look like MS-DOS? No problem! Edit stdfs.c and relink! :-) with a standard descriptor STDROOT. (chroot vanishes! Security problem?) * Someone pointed out #! as an analog of the Mac "creator" concept. But the Mac gets by without imposing any conditions on the file contents. Perhaps each inode should contain a "creator" link to a file to be executed. While we're at it, let's have the kernel open the original file on some standard descriptor, to avoid the security problems presently associated with setuid #!-files. * Think of a descriptor has having an "effective mode". Currently this includes r and w. Recent proposals would add x to this set. How about adding the file's owner and group, and the setuid and setgid bits? Then invent a new standard descriptor to hold the "last file executed", which inherits these attributes. And now - fsetuid(fd)!!! (Sets the process's euid to that of the descriptor, provided it has setuid access.) Similarly fsetgid(fd). Combine this with the above "creator" mechanism and some interesting possibilities might result. Not sure what, yet, need to think hard about this one! These are just random ideas so far - I may try to come up with a proposal for a "basis set" of syscalls using these ideas. Greg Ewing Internet: greg@cantuar.uucp Spearnet: greg@nz.ac.cantuar Telecom: +64 3 667 001 x8357 UUCP: ...!{watmath,munnari,mcvax,vuwcomp}!cantuar!greg Post: Computer Science Dept, Univ. of Canterbury, Christchurch, New Zealand Disclaimer: The presence of this disclaimer in no way implies any disclaimer.