Browse Prior Art Database

Cross-Process Transmission of Security Context

IP.com Disclosure Number: IPCOM000116828D
Original Publication Date: 1995-Nov-01
Included in the Prior Art Database: 2005-Mar-31
Document File: 2 page(s) / 41K

Publishing Venue

IBM

Related People

Ault, MB: AUTHOR [+4]

Abstract

The Distributed Computing Environment (DCE) for OS/2* Distributed File System (DFS) Client provides a method for exporting a DCE Security login context across processes. The security context's credentials name is extracted from the environment set of the first process. The second process uses that name to import the first process's security context through the sec_login programming interface.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 68% of the total text.

Cross-Process Transmission of Security Context

      The Distributed Computing Environment (DCE) for OS/2*
Distributed File System (DFS) Client provides a method for exporting
a DCE Security login context across processes.  The security
context's credentials name is extracted from the environment set of
the first process.  The second process uses that name to import the
first process's security context through the sec_login programming
interface.

      The DCE for OS/2 DFS Client exports DCE security login contexts
from processes requesting file I/O, and then imports them into its
DFS daemon (dfsd) process.

      The OS/2 DFS Client's Installable File System driver uses the
following method for exporting a user process's security login
context to the dfsd process:
  1.  In the user process, as a result of an OS/2 DosCall file I/O
       request to a DFS attached drive, OS/2 calls the DFS Client's
IFS
       driver through the IFS interface.  Currently, OS/2 DCE
Security
       puts information relating to security credentials into a
       process's environment:
       o  A credentials file is created when the user process
          successfully logs in to DCE
       o  An environment variable which identifies the name of the
          process's credentials file is placed into the user
process's
          environment as part of the dce login.
  2.  The DFS Client's IFS driver extracts the...