Filesystem Permssions
emery at ...261...
emery at ...261...
Fri Jun 12 09:22:08 CEST 2015
On Fri, Jun 12, 2015 at 04:28:06AM +0000, Nobody III wrote:
> What is the state of file permissions in Genode? And what is the plan for
> the future?
Permissions are handled by inspecting the session label used to open the file system at
the parent and routing the session to the appropriate file server. The file server can
then use the label again to root the session at an appropriate location within the file
system, and if the session will support modifications to files. Thats pretty much all
you need.
If a user wishes to use an application that they do not trust, it probably has a
very specific use case, therefore it should be easy to figure out just what files it
needs to access.
If you want to share a file system between users, it wouldn't be too hard to make a
server that performed file system level encryption rather than block level encryption.
Each user could place one of these between them and the actual storage, which would give
you pretty good assurance that you're preventing unauthorized reads and cleartext
writes.
Emery
More information about the users
mailing list