that's pure
but keep it as a separate filesystem module for now
the /proc/varlinks on which it is mounted is just a function
of the mount() call of course, and could be anything
that way the general varlink-fs can have several instances with
different semantics -- the readlink engine can be pluggable as a mount option.
so, where normal symlinks can be seen as a degenerate case,
with readlink() basically doing a strcpy();
varlinks have a readlink() which is more shellish, sort of like
system(strcat("echo", rest_of_path));
evaluated with the environ[] of the calling process, and their fsuid.
this allows active servers (a la cgi), by using $(stuff) or `stuff`.
you can do most of this with autofs, and program maps.
i've forgotten how well autofs handles security, you really want a per-uid
or per-proc lookup -- a non-cached lookup which is verified against callers
creds.
while this is probably not a high-performance solution, it does beg the question
of why there isn't such a solution.
^..^ hmmmm, time to play.
Peter Swain ^..^ +61 2 9698 2322 (office)
swine@softway.com.au (oo) +61 419 431 088 (mobile)
Evolutionary software, revolutionary results +61 2 9519 0171 (home)
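
The semantics described in this message, modelled in user space as an added example (not code from the original post or from any kernel patch): readlink() expands $NAME from the caller's environ[], and the result is verified against the caller's fsuid on every lookup. The class name, the ownership table, the sample callers and the restriction to plain variable substitution (no $(stuff) command execution) are assumptions of this example; the `shared_cache` flag reproduces the cross-user leak that a lookup cached by name alone would give.

```python
import re

VAR = re.compile(r"\$(?:(\w+)|\{(\w+)\})")

def expand(template, environ):
    """readlink() engine: substitute $NAME / ${NAME} from the caller's environ[]."""
    def sub(match):
        name = match.group(1) or match.group(2)
        value = environ.get(name, "")
        # environ[] is caller-controlled, so a value may only name one path component.
        if not value or "/" in value or value in (".", ".."):
            raise PermissionError(f"unsafe value for ${name}: {value!r}")
        return value
    return VAR.sub(sub, template)

class VarlinkFS:
    """Model of one varlink-fs mount (hypothetical): link name -> target template."""
    def __init__(self, links, owners, shared_cache=False):
        self.links = links
        self.owners = owners              # resolved target -> owning uid (constructed)
        self.cache = {} if shared_cache else None

    def readlink(self, name, fsuid, environ):
        if self.cache is not None and name in self.cache:
            return self.cache[name]       # failure mode: answer computed for another caller
        target = expand(self.links[name], environ)
        # Non-cached path: check the result against the caller's creds every time.
        if self.owners.get(target) != fsuid:
            raise PermissionError(f"uid {fsuid} may not resolve to {target}")
        if self.cache is not None:
            self.cache[name] = target
        return target

# Constructed sample mount and callers: (fsuid, environ).
LINKS = {"spool": "/var/spool/$USER"}
OWNERS = {"/var/spool/alice": 1000, "/var/spool/bob": 1001}
ALICE = (1000, {"USER": "alice"})
BOB = (1001, {"USER": "bob"})

def demo():
    cached, uncached = VarlinkFS(LINKS, OWNERS, True), VarlinkFS(LINKS, OWNERS)
    return {
        "cached": [cached.readlink("spool", *c) for c in (ALICE, BOB)],
        "uncached": [uncached.readlink("spool", *c) for c in (ALICE, BOB)],
    }

if __name__ == "__main__":
    print(demo())
```

With the name-keyed cache the second caller receives the first caller's target; the uncached mount resolves each caller separately and rejects a caller whose environ points at another uid's directory.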