[$] Inheritable credentials for directory file descriptors
Date:
Thu, 02 May 2024 15:10:44 +0000
Description:
In Unix-like systems, an open file descriptor carries the right to access
the opened object in specific ways. As a general rule, that file
descriptor does not enable access to any other objects. The recently
merged BPF token feature runs counter to this practice by creating file
descriptors that carry specific BPF-related access rights. A similar but
different approach to capability-carrying file descriptors, in the form
of directory file descriptors that include their own credentials, is
currently under consideration in the kernel community.
======================================================================
Link to news story:
https://lwn.net/Articles/971825/
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet UK HUB @ hub.uk.erb.pw (1337:1/100)