tech-net archive


Re: Thinking about "branes" for netbsd...



>> By not stopping at "I can configure this policy", but rather going
>> all the way to "No other policy can possibly be configured" I think
>> you make the mechanism less generally useful and I'd sort of like to
>> see the justification for that.
> You're right, it isn't desirable to be so restrictive.

I agree.  It strikes me as rather restrictive to mandate that which
routing table is used is tied to which process is responsible for the
traffic - especially since sockets can be shared by multiple processes,
meaning that either you have to somehow forbid the same socket from
appearing in the open file tables of processes using different branes,
or you have to tag the data in the socket's send queue with which brane
the writing process was in at the time of writing, or you have to
attach branes to sockets as well as processes, or you have to make the
brane association work only for immediately-sent traffic (eg, UDP but
not TCP), or something of the sort.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                mouse%rodents-montreal.org@localhost
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B

