jason@cnd.hp.com (Jason Zions) (06/30/90)
From: Jason Zions <jason@cnd.hp.com> Dominic Dunlop raises the interesting problem of finding an acceptable, human-language translatable definition for "Magic Cookie." Might I suggest, as a starting point, An opaque object, or token, of determinate size, whose significance is known only to the entity which created it. An entity receiving such a token from the generating entity may only make such use of the "cookie" as is defined and permitted by the suppliying entity. As for his comments concerning negative UIDs and the responsibility of POSIX.8 to do something about it, rest assured that something will indeed be done. I fear that permitting negative UIDs to fall into a crack will prove unacceptable; however, I hope the working group will come up with a better approach. Right now, we've looked more at administrative solutions to the problem; that is, requiring some sort of explicit UID mapping mechanism to support a more sensible mapping of "undesireables" to a local UID. We may do no more than require the presence of such a mechanism and indicate where in the semantics of POSIX.8 compliant interfaces such a mechanism becomes relevant, and defer the definition of the user interface to such a mechanism to POSIX.7. (I believe this is the current status of POSIX.8's thinking, based on the minutes as I've read them. However, my summation should not be considered an official statement from the working group; read the minutes and talk to the members for a clearer picture.) I must, however, take issue with one of Dominic's statements, to wit: ...and highly curtailed semantics (considerably less than ``certain networking conventions'') The group is still evolving its understanding of FTAM semantics and behaviour, the which is driving the "highly curtailed semantics" referred to. We have by no means concluded that the resulting semantics of the imputed interface are indeed "highly curtailed", nor are we ready to conclude that those semantics are "considerably less" than ``certain networking conventions''. (What a marvelous euphemism!) In any event, the mapping to a negative UID is a part of some particular implementations of a remote file access mechanism; many other mechanisms do not require such a mapping, and in fact many implementations of that mechanism permit other mappings to be chosen. It is within the scope of POSIX.8 to, while permitting arbitrary mappings, require that any mapped-to UID be of type uid_t at all times in all representations. As Dominic observed, this shouldn't break anything that didn't already deserve to be broken for other reasons. Jason Zions Chair (unconfirmed), IEEE P1003.8 POSIX Networked Transparent File Access Volume-Number: Volume 20, Number 63