Commit
This makes the directory server end processing much more careful. It now splits out processing into a worker process that communicates with the parent over shmif. This lets all parsing, processing and authentication run with zero direct file system access (unveil(NULL)) and with only basic stdio for shmif-event+fdpassing to work.

Another step of paranoia would be to also SIGSUSP the worker while deriving the session key. This would seal off any attempt for a compromised worker thread to try and extract bits of the parent private key via some possible microarchitectural side-channel, though that is a bit over the top for now.

The other purpose for this setup is to allow each worker some minor form of IPC synchronisation - mainly for (if permitted) registering new sources, sinks, directories and appl updates, with notifications. When that is working the final two stages would be to a. add a resource namespace for the appl to be able to load, store and glob from a shared appl-specific space on the server, as well as allow appls to communicate with other authenticated users on the same directory running the same appl.
Showing 17 changed files with 1,483 additions and 396 deletions.
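The worker split described in the commit message, reduced to its core as an added example (not code from this commit or from the project): a parent that keeps file system access hands an already-open descriptor to a forked worker that has given up its own. Assumptions: a `socketpair` with `SCM_RIGHTS` stands in for shmif, the OpenBSD-only `pledge("stdio recvfd", NULL)` call stands in for the worker's restriction step, and `send_fd`, `worker` and `run_privsep_demo` are hypothetical names.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Parent side: pass one descriptor as SCM_RIGHTS ancillary data. */
static int send_fd(int sock, int fd) {
    char b = 'F';
    _Alignas(struct cmsghdr) char cbuf[CMSG_SPACE(sizeof(int))] = {0};
    struct iovec io = { .iov_base = &b, .iov_len = 1 };
    struct msghdr m = { .msg_iov = &io, .msg_iovlen = 1,
                        .msg_control = cbuf, .msg_controllen = sizeof cbuf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&m);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof fd);
    return sendmsg(sock, &m, 0) == 1 ? 0 : -1;
}

/* Worker: drop file system access first, then read only what it is handed. */
static int worker(int sock) {
    char b, buf[64];
    _Alignas(struct cmsghdr) char cbuf[CMSG_SPACE(sizeof(int))];
    struct iovec io = { .iov_base = &b, .iov_len = 1 };
    struct msghdr m = { .msg_iov = &io, .msg_iovlen = 1,
                        .msg_control = cbuf, .msg_controllen = sizeof cbuf };
#ifdef __OpenBSD__
    /* Assumed restriction step: no rpath/wpath promise, so open() is fatal. */
    if (pledge("stdio recvfd", NULL) == -1) return 0;
#endif
    if (recvmsg(sock, &m, 0) != 1) return 0;
    struct cmsghdr *c = CMSG_FIRSTHDR(&m);
    if (!c || c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS) return 0;
    int fd; memcpy(&fd, CMSG_DATA(c), sizeof fd);
    ssize_t n = read(fd, buf, sizeof buf);
    return n > 0 ? (int)n : 0;
}

/* Parent: brokers a resource; returns the worker's byte count, -1 on error. */
int run_privsep_demo(void) {
    int sv[2], p[2], status;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) || pipe(p)) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    /* The worker closes its inherited pipe ends: access comes only via the socket. */
    if (pid == 0) { close(sv[0]); close(p[0]); close(p[1]); _exit(worker(sv[1])); }
    close(sv[1]);
    if (write(p[1], "hello", 5) != 5 || send_fd(sv[0], p[0])) return -1; /* constructed data */
    close(p[1]); close(p[0]);
    return waitpid(pid, &status, 0) == pid && WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}
```

On systems other than OpenBSD the restriction step compiles out and only the descriptor brokering is exercised.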