Processes and mmap

Georgi Chulkov g.chulkov at jacobs-university.de
Fri Jul 4 07:58:24 EST 2008


> Try Neils Provos' paper on privsep:
> http://www.citi.umich.edu/u/provos/ssh/privsep.html
>
> If you still have questions after reading that, then please feel free to
> ask here.

Thanks for the reference, that was a very good read. Unfortunately I cannot 
quite understand the paragraph that stars at the end of page 4 ("Figure 3 
shows an overview..."). In particular, I do not understand:

1) Why is the shared address space "back" necessary?
2) What does mm_share_sync do?
3) What is the difference between mm using libc's malloc, as opposed to mm 
using back which itself uses libc's malloc?

I will now try to figure out the source code that implements privilage 
separation, and I will post any other questions I might have.

Thanks!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080703/81c6ae0d/attachment.bin 


More information about the openssh-unix-dev mailing list