Processes and mmap
Georgi Chulkov
g.chulkov at jacobs-university.de
Fri Jul 4 07:58:24 EST 2008
> Try Neils Provos' paper on privsep:
> http://www.citi.umich.edu/u/provos/ssh/privsep.html
>
> If you still have questions after reading that, then please feel free to
> ask here.
Thanks for the reference, that was a very good read. Unfortunately I cannot
quite understand the paragraph that stars at the end of page 4 ("Figure 3
shows an overview..."). In particular, I do not understand:
1) Why is the shared address space "back" necessary?
2) What does mm_share_sync do?
3) What is the difference between mm using libc's malloc, as opposed to mm
using back which itself uses libc's malloc?
I will now try to figure out the source code that implements privilage
separation, and I will post any other questions I might have.
Thanks!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080703/81c6ae0d/attachment.bin
More information about the openssh-unix-dev
mailing list