lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <35e47ff4-7f61-c72d-f09f-a656dc8480df@schaufler-ca.com>
Date:   Wed, 7 Feb 2018 09:57:20 -0800
From:   Casey Schaufler <casey@...aufler-ca.com>
To:     "Enrico Weigelt, metux IT consult" <metux@....de>,
        linux-kernel@...r.kernel.org
Cc:     aganti@...gle.com
Subject: Re: adding plan9-like usernames to the kernel

On 2/7/2018 4:38 AM, Enrico Weigelt, metux IT consult wrote:
> Hi folks,
>
>
> as part as a little research project for bringing Plan9 semantics
> to Linux, I'd like to add textual usernames. In contrast to *nix,
> Plan9 doesn't use numerical IDs, but names.
>
> Obviously that needs some internal mapping between names and ids.
>
> Should this go into struct user_namespace (where per-namespace
> uid mapping lives) or to struct cred / struct user_struct ?

Why not keep a mapping associated with your devices?

>
> The primary consumer of this username will be the /dev/caphash
> and /dev/capuse devices for switching the UID.
> (an interesting question of course is, how to allocate the
> numerical UIDs for given usernames)

You read it from /etc/passwd (or the equivalent service)
and write it to your device based list via an ioctl, or a
companion device (/dev/capset?). If no one outside your
devices is using it this would be the logical place for
the data to reside.

>
>
> --mtx
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ