Re: CVS commit: src/sys

From: Thor Lancelot Simon (tlsrek.tjls.com)
Date: Sat Jun 23 2007 - 13:05:44 CDT


On Sat, Jun 23, 2007 at 06:37:20PM +0100, Alistair Crooks wrote:
>
> As a software developer, my answer to your question would be "no - if
> the complete abstraction has been violated, then it will be harder to
> build models on top of kauth". Has the complete abstraction been violated,
> or just a part of it? Where is the documentation dealing with the
> abstractions, the ways it fits into other kernel code, and the direction
> forward for kauth?

The documentation is poor, but I think the design principle that's been
violated here is pretty obvious: don't expose kauth internals or security
model internals to other code in the kernel, because they will inevitably
abuse it. Authentication data should only *ever* be handled via accessors.

We had that (albeit not in an ideally documented state) and changes like
the current one break it. We should find a way to gain the performance
advantage of the current change without exposing knobs code outside kauth
has no business turning.

Thor
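
The accessor-only principle argued for in this message, as an added C illustration that is not part of the original post and is not NetBSD's kauth code. All `xcred_*` names and the copy-on-write rule are assumptions chosen to show an invariant that direct field access from outside the subsystem would bypass.

```c
/* Added illustration. All xcred_* names are hypothetical, not the kauth API. */
#include <stdlib.h>
#include <sys/types.h>

/* Public view: an incomplete type plus accessors, nothing else. */
struct xcred;
typedef struct xcred *xcred_t;
xcred_t xcred_alloc(uid_t uid, uid_t euid);
void    xcred_hold(xcred_t c);
void    xcred_free(xcred_t c);
uid_t   xcred_geteuid(const struct xcred *c);
int     xcred_seteuid(xcred_t *cp, uid_t euid);

/* Consumer code. Writing c->euid here would not compile, because
 * struct xcred is still incomplete at this point in the file. */
int consumer_is_root(const struct xcred *c)
{
    return xcred_geteuid(c) == 0;
}

/* Private to the credential subsystem: layout and invariants. */
struct xcred { unsigned refcnt; uid_t uid, euid; };

xcred_t xcred_alloc(uid_t uid, uid_t euid)
{
    xcred_t c = malloc(sizeof(*c));
    if (c != NULL) { c->refcnt = 1; c->uid = uid; c->euid = euid; }
    return c;
}
void  xcred_hold(xcred_t c) { c->refcnt++; }
void  xcred_free(xcred_t c) { if (--c->refcnt == 0) free(c); }
uid_t xcred_geteuid(const struct xcred *c) { return c->euid; }

/* Invariant: a shared credential is never modified in place, so other
 * holders keep the identity they were given. May replace *cp. */
int xcred_seteuid(xcred_t *cp, uid_t euid)
{
    xcred_t c = *cp;
    if (c->refcnt > 1) {
        xcred_t n = xcred_alloc(c->uid, euid);
        if (n == NULL) return -1;
        xcred_free(c);          /* drop our reference to the shared copy */
        *cp = n;
        return 0;
    }
    c->euid = euid;             /* sole owner: safe to update in place */
    return 0;
}
```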