Re: Filesystem Capabilities in 2.6?

yodaiken@fsmlabs.com
Sun, 3 Nov 2002 11:25:10 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Keith Owens: "Re: [ANNOUNCE] [PATCH] Linux-2.5.45-mcp3"
Previous message: Sam Ravnborg: "Re: 2.5: troubles with piping make output"

On Sun, Nov 03, 2002 at 10:13:37AM -0800, Linus Torvalds wrote:
>
> On Sun, 3 Nov 2002 yodaiken@fsmlabs.com wrote:
> >
> > Plan 9 !
>
> Well, yes. But also Linux. The code is all there, and you can create a new
> namespace group with just a simple CLONE_NEWNS. Then you just do
> pivot_root() in that namespace, unmount the old root, and you're done.

So capabilities then just seems like a hack. You can write a trusted
user space suid gateway program that consults a database, builds you a
temporary file system with links and permissions to an otherwise hidden
shared tree and puts you safely in that "temporary tree". If I understand
what this does.

As for Al, he may be a great programmer, but it's his polemical
writing style I appreciate most.

-- --------------------------------------------------------- Victor Yodaiken Finite State Machine Labs: The RTLinux Company. www.fsmlabs.com www.rtlinux.com 1+ 505 838 9109

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/

Next message: Keith Owens: "Re: [ANNOUNCE] [PATCH] Linux-2.5.45-mcp3"
Previous message: Sam Ravnborg: "Re: 2.5: troubles with piping make output"