ramblings about privileges
Artem Kachitchkine
Artem.Kachitchkin at Sun.COM
Sat Jan 21 20:15:39 PST 2006
> are we only talking format, e.g. how to store this data.
What I'm saying is kinda like when you need to map hostname to IP, you
just call gethostbyname(). It's up to the implementation to consult
/etc/hosts or DNS or NIS.
So we define a set of policy attributes (not too fine- and not too
coarse-grained, as you said) and a set of access functions, like
hal_get_policy() and hal_set_policy().
I think that takes care of requirements d and e. The interesting part,
of course, is finding a balanced set of policy attributes.
-Artem.
More information about the hal
mailing list