At 2014-12-10 05:42:53, "Christian Helmuth" <christian.helmuth@...1...> wrote:
Hi,
On Tue, Dec 09, 2014 at 11:12:24PM +0800, li94575 wrote:
If I only give the reading permission for the object, How to perform permission checking on server side?
Why do you want to do that? In Genode the Ipc_gate information is used only as a key to lookup the corresponding Rpc_object. The Rpc_object contains all relevant information about the server resource the client is about to access. The right bits of base-foc stay unused in Genode.
Actually, I'm considering introducing a multi-level security policy for genode, as a job of my master's thesis. I just want to add some additional restrictions on the basis of the existing access control mechanism. For example, assigning a security label for each process (except for Core and Init), and performing the rule of " write up and read down ". Of course, I will test it simply(not all drivers), such as in the hello_tutorial. Can it be achieved? or how much the workload?Thank you!>
Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.cl... _______________________________________________ genode-main mailing list genode-main@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/genode-main