Re: Linux's future: //posix/ipc, //root and so on ?

• Next message: Daniel.Egger@suse.de: "[PATCH] Missing symbol in 2.3.49pre2"
• Previous message: Wakko Warner: "[OT] rwhod Re: How to survive in a Micro$oft environment??"
• In reply to: Khimenko Victor: "Re: Linux's future: //posix/ipc, //root and so on ?"
• Reply: Khimenko Victor: "Re: Linux's future: //posix/ipc, //root and so on ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> program to execure cgi script in sandbox. And without devfs, procfs and
> ipcfs it's DOABLE: you can put all needed libraries as hardlinks
> there. Without // trick (or rather /../ trick -- looks much saner to me)
> it's doable as well. WITHOUT changes for each and every program when new
> netfs or whjatever is implemented.

Unfortunately you've already introduced a security hole in wu.ftpd if you
dont modify it

        put //ipc/statusfile

stomp... and ipc may contain stuff you dont want outsiders reading. I'd actually
like chrooted stuff not be able to access the master /ipc. In fact being able
to mount further /ipc namespaces inside chrooted environments which are
seperate from the main one would be the good thing

Thats another step into supporting partitioning of applications on Linux

Alan

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Daniel.Egger@suse.de: "[PATCH] Missing symbol in 2.3.49pre2"
• Previous message: Wakko Warner: "[OT] rwhod Re: How to survive in a Micro$oft environment??"
• In reply to: Khimenko Victor: "Re: Linux's future: //posix/ipc, //root and so on ?"
• Reply: Khimenko Victor: "Re: Linux's future: //posix/ipc, //root and so on ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Tue Mar 07 2000 - 21:00:09 EST