Re: ANN: ANTS v2.0

[Patrick Tullmann <tullmann@cs.utah.edu>]

Sandy Murphy wrote:
> But I can say that if two identities try to run a Ping through the
> same node, two copies of the code run in two different protection
> domains.  Yes, ugly.  And maybe someday we can fix that using the
> SUN JAAS which associates privileges with a thread of execution
> rather than the code.  But we haven't gotten that far.

Ah, that clarifies things for me.  

Personally, I think this solution is less ugly than attaching the
privs to the thread of execution.  The model you currently have maps
better to a flow-per-security-domain model.  

> >If this support existed in the NodeOS, it should be pretty
> >straightforward to add to ANTS, I hope (just adding an extra parameter
> >to a lot of methods).  And, hopefully, it wouldn't require tossing out 
> >the existing access checks (which are mostly ANTS-specific checks).
> 
> I thought the idea in the NodeOS community was that each NodeOS call
> contains the flowid and if the create-a-flow call contained the
> credentials then the flowid could be a indirect reference to the
> credentials.

Each call is implicitly associated with the "current flow".  The
explicit parameter was dropped because the value was required to be
the id of the current thread's flow.

-Pat

----- ----- ---- ---  ---  --   -    -      -         -               -
Pat Tullmann                                       tullmann@cs.utah.edu
		   A closed mouth gathers no foot.