Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Provide authentication mechanisms for Hermes #582

Open
lukemartinlogan opened this issue Sep 8, 2023 · 0 comments
Open

Provide authentication mechanisms for Hermes #582

lukemartinlogan opened this issue Sep 8, 2023 · 0 comments
Labels
priority-low This is a low priority issue

Comments

@lukemartinlogan
Copy link
Collaborator

lukemartinlogan commented Sep 8, 2023

For maintaining security guarantees, we can make it so that each process connects to the runtime using a POSIX domain socket. We can obtain process credentials (user, group, etc) and store in a table.

We can then create either per-process or per-user queues (per-user would possibly save some memory, but would have the potential for faulty processes to spread their malice to non-faulty processes by corrupting a queue). We could also implement grouped process queues for MPI-based programs, where each process in a group shares a queue.

This way there are privilege guarantees regarding how programs can interact with the Hermes runtime.

@lukemartinlogan lukemartinlogan added the priority-low This is a low priority issue label Sep 8, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
priority-low This is a low priority issue
Projects
None yet
Development

No branches or pull requests

1 participant