[OpenAFS-devel] Re: openafs / opendfs collaboration
Todd M. Lewis
Todd_Lewis@unc.edu
Tue, 25 Jan 2005 07:53:36 -0500
Kyle Moffett wrote:
>
> The keyring stuff essentially allows you to associate arbitrary BLOBs
> with processes via a simple kernel interface. OpenAFS could store
> the credentials in a session keyring and all processes in that
> session would have access to the credentials. Then OpenAFS could
> just run a key search for the credentials when it needs to perform
> operations (Such as passing them to the server) with them. It's very
> fast, simple, and well designed
This is encouraging. How closely do the semantics of "session keyring
and all processes in that session" match those of PAGs? (Group
membership inheritance across fork/exec seems pretty clear; sessions
have always seemed a little fuzzy to me.)
--
+--------------------------------------------------------------+
/ Todd_Lewis@unc.edu 919-962-5273 http://www.unc.edu/~utoddl /
/ I fired my masseuse today. She just rubbed me the wrong way. /
+--------------------------------------------------------------+