diff options
Diffstat (limited to 'hurd')
| -rw-r--r-- | hurd/authentication.mdwn | 17 | ||||
| -rw-r--r-- | hurd/concepts.mdwn | 5 | ||||
| -rw-r--r-- | hurd/hurdcritique.mdwn | 7 | ||||
| -rw-r--r-- | hurd/hurdhackingguide.mdwn | 4 | ||||
| -rw-r--r-- | hurd/ibac.mdwn | 8 | ||||
| -rw-r--r-- | hurd/translator.mdwn | 26 | ||||
| -rw-r--r-- | hurd/virtualfilesystem.mdwn | 17 |
7 files changed, 84 insertions, 0 deletions
diff --git a/hurd/authentication.mdwn b/hurd/authentication.mdwn new file mode 100644 index 00000000..0d52a0ba --- /dev/null +++ b/hurd/authentication.mdwn @@ -0,0 +1,17 @@ +UIDs on the Hurd are separate from processes. A process has +[[capabilities]] designating so-called UID vectors that +are implemented by an [[auth]] server. This +makes them easily [[virtualizable]]. + +When a process wishes to gain access to a resource provided by a third +party (e.g., a file system) and that party wishes to authenticate the client +so as to implement some identity-based access control ([[IBAC]]) policy, +the latter initiates a three-way authentication handshake. The server +and client each then begin an authentication sequence with +their respective [[trust]]ed auth servers. If they have +a mutally trusted ancestor and an auth server does not abort the +transaction, then the client is delivered a new capability +naming a newly authenticated session with the server +and the server is delivered the client's designated UID vector. + +For more details, see section 2.3 of the [[HurdCritique]]. diff --git a/hurd/concepts.mdwn b/hurd/concepts.mdwn new file mode 100644 index 00000000..6ec21f7d --- /dev/null +++ b/hurd/concepts.mdwn @@ -0,0 +1,5 @@ +* [[Translator]] +* [[VirtualFileSystem]] +* [[Authentication]] +* [[NeighborHurd]] + diff --git a/hurd/hurdcritique.mdwn b/hurd/hurdcritique.mdwn new file mode 100644 index 00000000..f8e3eed7 --- /dev/null +++ b/hurd/hurdcritique.mdwn @@ -0,0 +1,7 @@ +[[NealWalfield]] and [[MarcusBrinkmann]] wrote a paper titled +"[A Critique of the GNU Hurd Multi-Server Operating System](http://walfield.org/papers/200707-walfield-critique-of-the-GNU-Hurd.pdf)." +This was published in ACM SIGOPS Operating Systems Review in +July 2007. This is sometimes referred to as "the critique." + +The paper provides a technical overview of the Hurd's +architecture and critiques some of the decisions made.
\ No newline at end of file diff --git a/hurd/hurdhackingguide.mdwn b/hurd/hurdhackingguide.mdwn new file mode 100644 index 00000000..bc214589 --- /dev/null +++ b/hurd/hurdhackingguide.mdwn @@ -0,0 +1,4 @@ +Originally written by Wolfgang Jährling, the [Hurd Hacking Guide](http://www.gnu.org/software/hurd/hacking-guide/hhg.html) +contains an overview of some of the Hurd's features. +Also contains a tutorial on writing your own translator. + diff --git a/hurd/ibac.mdwn b/hurd/ibac.mdwn new file mode 100644 index 00000000..14d1551c --- /dev/null +++ b/hurd/ibac.mdwn @@ -0,0 +1,8 @@ +IBAC stands for identity-based access control. +In this access control scheme, access to a resource +is based on identity of the caller. This is often +problematic as when a program acts on behalf of +another, access is authorized based on its own +identity rather than that of the caller. + +See also [[ABAC]].
\ No newline at end of file diff --git a/hurd/translator.mdwn b/hurd/translator.mdwn new file mode 100644 index 00000000..1e281b9d --- /dev/null +++ b/hurd/translator.mdwn @@ -0,0 +1,26 @@ +A translator is simply a normal program acting as +an object server and participating in the Hurd's +distributed [[VirtualFileSystem]]. It is so-called +because it typically exports a file system +(although need not: cf. [[auth]], [[proc]] +and [[pfinet]]) and thus translates object invocations +into calls appropriate for the backing store +(e.g., ext2 file system, nfs server, etc.). + +Translators do not require any special privilege +to run. The privilege they require is simply +that to access the indiviudal resources they use. +This is primarily the backing store and the node +they attach to. Typically, a translator can +only be attached to a node by the node's owner. +On Unix this is not possible because file systems +and the virtual file system are implemented in the +kernel and thus have absolute access to the machine. +As the protocols do not require any special privilege +to implement, this is not an issue on the Hurd. + +See [[Translators]] for a list of Hurd translators. + +To learn how to write a translator, read the code! +It is well documented, in particular, the header files. +The [[HurdHackingGuide]] also has a tutorial.
\ No newline at end of file diff --git a/hurd/virtualfilesystem.mdwn b/hurd/virtualfilesystem.mdwn new file mode 100644 index 00000000..054f0b04 --- /dev/null +++ b/hurd/virtualfilesystem.mdwn @@ -0,0 +1,17 @@ +Path names are resolved using a distributed protocol. +No single entity is responsible for the resolution of +path names. A file system server (a [[translator]]) +attaches to translators (fs.defs:file_set_translator). + +When a process resolves an aboslute path, it queries +its root file system server by invoking the fs.defs:dir_lookup +method in the capability in its root directory slot. The +file system server resolves as much as it knows about locally +and when it encounters a translator, it replies to the client +indicating how much it resolved and where to continue its +lookup. This continues until the name is fully resolved +or an error occurs. The same happens for relative path +names but a different capability is used. + +For a more detailed explanation of the protocol, look at the section +2.2 of the [[HurdCritique]].
\ No newline at end of file |