You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
For maintaining security guarantees, we can make it so that each process connects to the runtime using a POSIX domain socket. We can obtain process credentials (user, group, etc) and store in a table.
We can then create either per-process or per-user queues (per-user would possibly save some memory, but would have the potential for faulty processes to spread their malice to non-faulty processes by corrupting a queue). We could also implement grouped process queues for MPI-based programs, where each process in a group shares a queue.
This way there are privilege guarantees regarding how programs can interact with the Hermes runtime.
The text was updated successfully, but these errors were encountered:
For maintaining security guarantees, we can make it so that each process connects to the runtime using a POSIX domain socket. We can obtain process credentials (user, group, etc) and store in a table.
We can then create either per-process or per-user queues (per-user would possibly save some memory, but would have the potential for faulty processes to spread their malice to non-faulty processes by corrupting a queue). We could also implement grouped process queues for MPI-based programs, where each process in a group shares a queue.
This way there are privilege guarantees regarding how programs can interact with the Hermes runtime.
The text was updated successfully, but these errors were encountered: