[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Many questions about translators

From: olafBuddenhagen
Subject: Re: Many questions about translators
Date: Sun, 18 Apr 2010 04:27:28 +0200
User-agent: Mutt/1.5.19 (2009-01-05)


On Fri, Apr 16, 2010 at 03:07:22PM +0200, Carl Fredrik Hammar wrote:
> On Fri, Apr 16, 2010 at 01:59:16PM +0200, Samuel Thibault wrote:
> > Carl Fredrik Hammar, le Fri 16 Apr 2010 11:52:04 +0200, a écrit :

> > > >      4. Is it possible for a translator to provide different
> > > >      views of the node for different users? For example, could
> > > >      each user have their own list of packages they want
> > > >      installed and the HPM translator would use ref-counting to
> > > >      install packages with ref-count > 0, and/or perhaps even
> > > >      make different packages appear installed for different
> > > >      users?
> > > 
> > > This is actually possible, as the translator knows the user of the
> > > client so it can grant or withhold access.  But I suspect that
> > > using it to provide different services to different users would
> > > violate many assumptions made by clients.
> > 
> > Could you try to find examples?  Usually, applications are not meant
> > to be run under several different identities.
> Not simultaneously, but applications can change their identity midway
> with setuid().  I wouldn't really know where to look for examples,
> sorry. Perhaps I'm overreacting though, as having chroots for each
> user could just as well cause confusion.

Nah, I think you are right. Systems that provide private namespaces
(beyond chroot) -- which most notably includes Plan9, but also Linux
nowadays -- do so per-process rather than per-user. So a user gets a
private namespace by means of it being assigned to the login shell (and
inherited to all other processes), rather than directly to any process
currently using that UID.

Presently we don't have any mechanisms for server-side per-process
handling though. (Again, beyond chroot.) While at some point we
mentioned the possibility of introducing one, by allowing clients to
give their PID voluntarily (no idea in what context we mentioned this),
I'm still not convinced that this is a good idea in general. Private
namespaces always make things somewhat intransparent IMHO.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]