Subject: Re: utmp file format change
To: R. C. Dowdeswell <elric@imrryr.org>
From: Andrew Brown <atatat@atatdot.net>
List: tech-userlevel
Date: 09/28/2001 23:53:34
>>sort of an analogue, but different because instead of having an
>>arbitrary pointer to some piece of data, you have a file descriptor.
>>i think that doing it using the normal file system backing it would be
>>easier.
>
>Sure, it may be easier to do it fs-backed.  But, if you do it
>anon-backed, then we could fix mfs to just index into a list of
>these guys that live in the buffer cache and swap.  I.e. we could
>leverage the work to make our mfs not have the problems that it
>currently has (i.e. an extra copy when accessing data, and the fact
>that it uses/swaps out space that isn't actually allocated.)

hmm...fixing mfs.  sounds like a plan.  :)

>>as for flink(2), no.  flink(2) would be a terribly bad idea.  consider
>>that when opening a file, *all* the permissions on *all* the inodes in
>>the path to the file are considered.  if you were able to get some
>>process to hand you an open file descriptor to some file somewhere
>>that relies on being protected by permissions in the path and you were
>>able to flink(2) it to some arbitrary name, you could bypass the
>>permissions set that had been established.
>
>Hmmm, I did not consider that.  Of course, once you've handed the
>fd to another process like that, it could simply hand the fd out
>to anyone who asked for it, circumventing the permissioning in a
>very similar way.  The big problem would be if you had a file with
>group or other write permissions set, then the second process could
>link it to the fs and re-open it with elevated permissions, which
>would be a significant minus.  So, scratch that idea for now.

sure.  you could pass it on.  that would be another bad thing, but
we're presuming that you're not gonna do that.  on the other hand, we
are gonna assume that you've been handed temporary access to a
privileged thing for a specific purpose and that you'd like to cheat
and look in on whatever it is at some later point, counter to the
ideals of the passing process.  that's why flink(2) doesn't exist: it
would make it easy for you to circumvent permissions.

-- 
|-----< "CODE WARRIOR" >-----|
codewarrior@daemon.org             * "ah!  i see you have the internet
twofsonet@graffiti.com (Andrew Brown)                that goes *ping*!"
andrew@crossbar.com       * "information is power -- share the wealth."