On 08/01/2013 02:29 PM, Simo Sorce wrote: > It's called 'abstraction' :-) Good, I like abstraction :) >> It seems like a non-privileged user could use this to store arbitrary >> data in this keyring as a way of hiding what would otherwise be >> filesystem activity or using it for some sort of odd/sneaky IPC >> mechanism. Is this an intentional side effect? > > Just as a user can add data into a shm segment ? > Is there any difference ? I guess this raises the question from a different perspective: if the kernel already supports arbitrary shm segments, filesystem locations, etc, which can be used for storing/passing opaque bytestrings between different parts of userspace, what advantages do we gain from having this new specific mechanism in the kernel? Why couldn't those parts of userspace just rely on already-existing mechanisms instead of introducing this new interface? Again, i'm not trying to say it's a bad idea; there's probably a big-picture piece of the puzzle that i don't see that makes this all obvious. i just want to understand what it is. Thanks for your explanations! Regards, --dkg
Attachment:
signature.asc
Description: OpenPGP digital signature
