Re: [capsicum] New capability rights api



On Sat, Oct 05, 2013 at 04:46:12PM +0200, Pawel Jakub Dawidek wrote:
> On Wed, Oct 02, 2013 at 10:31:19PM +0200, Joris Giovannangeli wrote:
> > I don't really believe in 2) myself, but it seems to be a concern for
> > the devs I've been talking with. A lot of things won't scale well, like
> > embedding rights in the filedesc entries, or building a complex rights
> > structure before each call to fget.
> 
> cap_rights_t is extremely simple. The whole cap_rights_init() family of
> functions are designed to never fail, which hugely simplifies the code.

Let me back it up with a real-world example. Take a look at:

	http://people.freebsd.org/~pjd/pubs/Capsicum_and_Casper.pdf

And compare page 8 and 9. On page 8 we have code from the time we had
capability rights as a simple uint64_t bitmask. On page 9 we have code
using my new API.

-- 
Pawel Jakub Dawidek                       http://www.wheelsystems.com
FreeBSD committer                         http://www.FreeBSD.org
Am I Evil? Yes, I Am!                     http://mobter.com
