From mboxrd@z Thu Jan 1 00:00:00 1970 From: Boaz Harrosh Subject: Re: Thoughts on credential switching Date: Tue, 22 Apr 2014 15:14:33 +0300 Message-ID: <53565D29.6010503@gmail.com> References: <53341D8E.80105@redhat.com> <20140327060225.4f4caa5a@ipyr.poochiereds.net> <53342258.8000304@redhat.com> <533428BF.8090007@gmail.com> <53565491.702@redhat.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit Cc: Andy Lutomirski , "Eric W. Biederman" , LSM List , "Serge E. Hallyn" , Kees Cook , Linux FS Devel , Theodore Ts'o , "linux-kernel@vger.kernel.org" , bfields@redhat.com To: Florian Weimer , Jeff Layton , Jim Lieb Return-path: In-Reply-To: <53565491.702@redhat.com> Sender: linux-kernel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On 04/22/2014 02:37 PM, Florian Weimer wrote: > On 03/27/2014 02:33 PM, Boaz Harrosh wrote: >> POSIX or not it just does not have any real programming mining >> at all. > > What do you mean with "mining" in this context? > Sorry I saw this mistake after I posted. I meant "meaning". What I'm saying is that the mess starts when you are trying to keep patching a very wrong API. the POSIX politics aside, in regard to user switching (and current directory and etc...) this API is plain WRONG. I mean in the mathematical sense wrong. All these application mess is not the application programmers fault. He had to do what he had to do. The mess starts when you are trying to keep a mathematical contradiction in your proof. It is glibc mess for trying to maintain compatibility with these "PROCESS WIDE OPERATIONS". And naming it holy names like POSIX will not cover the mess that they are. As long as you try to keep them there will be mess. If you want to honestly clean things up is by throwing the true garbage out. Convert all legacy code to new mathematically sound API's. Peace Boaz