[okl4-developer] Shared memory howto
Nelson Tam
nelson at ok-labs.com
Thu May 8 17:00:33 EST 2008
Hi Dhiraj,
On 26/04/2008, at 3:59 AM, Kalamkar, Dhiraj D wrote:
>
> One thing I couldn't understand is how client gets access rights for
> server's shared memsection? If just passing capability object is
> sufficient, client can forward it to anyone else say X and then X
> can access server's shared memsection, how to prevent that? Also,
> how server can specify what type of access is granted e.g. readonly
> or readwrite?
Currently, the best way to control read / write / execute access
rights is by using Elfweaver. Please have a look at the Elfweaver
manual at portal.ok-labs.com for more details.
If you want to prevent clients from passing around shared memsections,
you can set up all the caps you need using elfweaver, then remove the
clist_add() function in Iguana server. That effectively restricts all
valid caps to whatever is created by Elfweaver.
--
(nt)
Nelson Tam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 1560 bytes
Desc: not available
Url : http://lists.okl4.org/pipermail/developer/attachments/20080508/d675e4b9/attachment-0001.bin
More information about the Developer
mailing list