[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Defualt socket server overriding

From: Thomas Bushnell BSG
Subject: Re: Defualt socket server overriding
Date: Wed, 20 Jun 2007 10:30:02 -0700

On Wed, 2007-06-20 at 16:20 +0200, Neal H. Walfield wrote:
> What is a pseudo-chroot?
> I think what you are proposing is essentially filtering the global
> name space via some fancy translator.  

Yes, just that.

> When we are just interested in
> overriding a small parts of the environment and the rest represents a
> reasonable default, this may be fine.  Such an approach is, however,
> completely contrary to POLP.  I think the right direction is private
> name spaces, which can be achieved by passing capabilities.  That was
> the other part of my suggestion.

Private namespaces are another excellent idea; they are perhaps harder
to work into the current framework unless there's a trick I haven't
thought of.

I'm not trying to dampen the env-variable trick too; let a thousand
flowers bloom!


Attachment: signature.asc
Description: This is a digitally signed message part

reply via email to

[Prev in Thread] Current Thread [Next in Thread]