Mail Archives: cygwin-developers/2001/05/31/14:09:36
On Thu, May 31, 2001 at 05:08:20PM +0200, Corinna Vinschen wrote:
>On Fri, Jun 01, 2001 at 12:06:16AM +1000, Robert Collins wrote:
>> From: "egor duda" <deo AT logos-m DOT ru>
>> > CV> As I wrote in my previous mail, it's essential to be sure about
>> > CV> the process which calls the server. Faking of pid, uid and gid
>> > CV> must not be possible!
>> >
>> > something similar was done in my cygserver via
>> > ImpersonateNamedPipeClient(). that's a clear benefit of named pipes
>> > before shared memory.
>>
>> This is where I'll pop up and say...
>> COM provides benefits here: AFAIK it's got impersonation capabilities
>> for NT, and AFAIK degrades gracefully on 9x.
>
>Hmm, personally I would prefer using a Win32 interface like the
>above (named pipes on NT, shared memory on 9x). Security doesn't
>matter on 9x and the low level interfaces are typically faster
>and (from my point of view) easier to understand. Anyway, if we
>agree to use COM I wouldn't step back.
Are we thinking about making this server able to maintain multiple
platforms? I think it could possibly be useful to have a single
setuid server running in an NT domain.
Or maybe that's far into the future...
I have a book on COM sitting around somewhere. I wonder how much
overhead that would add to the Cygwin DLL, though.
Also, I don't know if this has already been mentioned or not but
we also have to make sure that cygwin works ok without the server.
Maybe that means that ttys are not a good candidate for the server
because they are a heavily used feature and we don't want to limit
functionality.
cgf
- Raw text -