tech-kern archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: [PATCH] fexecve

On Thu 15 Nov 2012 at 20:18:56 -0600, David Young wrote:
> Label a file descriptor with the root that was in effect when it was created
> by, say, open(2).  The effective root will never change over the
> lifetime of that descriptor.

As devil's advocate:
How does this relate to the proposed pivot_root system call?

> Maybe we can weaken fexecve()'s requirement on the effective root of z
> to "root(z) must be reachable from the effective root," but I think that
> that might be much more complicated.

I believe such a check is already done inside the chroot(2) call so it
would be doable.

> Also, enforcing access along "effective roots" lines may be inflexible
> or unwieldy, maybe a more abstract notion of "process coalition" is
> better.  Let each new root have a corresponding new coalition, but
> perhaps we should be able to create a new coalition without changing
> root, and change root without changing coalition.

That would make yet another process grouping, confusingly (dis)similar
to process groups, controlling-terminal groups, sessions, (and am I
forgetting more perhaps?)

> Dave
___ Olaf 'Rhialto' Seibert  -- There's no point being grown-up if you 
\X/ rhialto/at/    -- can't be childish sometimes. -The 4th Doctor

Home | Main Index | Thread Index | Old Index