[OpenAFS-devel] Re: MEMORY credential cache interop between
Heimdal and MIT?
Michael B Allen
miallen@ioplex.com
Thu, 30 Aug 2007 16:37:03 -0400
On Thu, 30 Aug 2007 13:24:32 -0700
Howard Chu <hyc@highlandsun.com> wrote:
> But if
> you're going to the trouble of writing kernel code to implement it, do it
> right. E.g., walking up the process tree when someone issues an ioctl on a
> device is not going to give reliable answers. The ccache handles have to live
> in the process' user struct so they are implicitly copied at fork() time.
As long as you replace "ccache handles" with "data handles" I completely
agree that implicit copy at fork() time is ideal. I'll take that into
consideration when I research the actual implementation but there are
obvious pragmatic problems with the idea. For one, there's no way to ship
a package that works with an existing kernel. You would have to wait
until kernels accepted the changes. That could take years. Or maybe
there's a way to register objects to be associated with the process
structure and copied at fork() time.
Mike
--
Michael B Allen
PHP Active Directory Kerberos SSO
http://www.ioplex.com/