Re: kernel vs user-space

• Next message: Pat Grogan: "Using X behind a IP Masquerading firewall"
• Previous message: linux-net@ddx.a2000.nu: "max mbits/sec using linux router (with firewall rules)"
• Maybe in reply to: Nelson: "kernel vs user-space"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In article <Pine.OSF.4.21.0009171526390.21104-100000@decunx.comp.nus.edu.sg> you wrote:
> so, what are the arguments for and against implementing the
> authentication mechanism in kernel space and user-space?

It is simple like this: if there is no good reason for do it in kernel space
dont do it. Good reasons could be:

- speed
- hardware access (irq, ...)
- less abstraction (for example nfs server can have better file system
access)
- protection

For authentication a kernel implementation makes only sence if you need to
have some code which is extending the basic unix security system (ACL, MAC,
Rules Based, ...). If you just want to use radius for checking passwords at
login time (i.e. hav programs like login call a function which will return
true or false) there is realy no need for a kernel implementation.

Greetings
Bernd
-
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@vger.kernel.org

• Next message: Pat Grogan: "Using X behind a IP Masquerading firewall"
• Previous message: linux-net@ddx.a2000.nu: "max mbits/sec using linux router (with firewall rules)"
• Maybe in reply to: Nelson: "kernel vs user-space"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Sat Sep 23 2000 - 21:00:32 EST