[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Hurdish applications for persistence
From: |
ams |
Subject: |
Re: Hurdish applications for persistence |
Date: |
Wed, 12 Oct 2005 12:54:59 +0200 |
It is not true that "chroot is insecure on all platforms".
All UNIXoid platforms. There are several ways to break out of a
chroot on them.
If you are looking for an alternative, one that works and is
actually used around the world, have a look at BSD jails. They
provide a more thorough encapsulation than chroot.
BSD jails use chroot AFAIK.
You keep beating on subhurds, but you fail to show how they are
relevant in this discussion at all. A subhurd is as relevant here
as a second machine, with its own copy of the operating system.
Right, a second machine is encapsulated, it can not access the
files on the first machine. What's your point?
My point is that a chroot() isn't suitable for us (in the current
situation), and we should use something else instead of doing a full
rewrite of everything.
You are trying to fit the Hurd into POSIX, which is simply the wrong
kind of thinking.
Re: Hurdish applications for persistence, Marcus Brinkmann, 2005/10/11
Re: Hurdish applications for persistence, Marcus Brinkmann, 2005/10/12
Re: Hurdish applications for persistence, Alfred M\. Szmidt, 2005/10/12
Re: Hurdish applications for persistence, Marcus Brinkmann, 2005/10/12
Re: Hurdish applications for persistence, Jonathan S. Shapiro, 2005/10/12
Re: Hurdish applications for persistence, Marcus Brinkmann, 2005/10/13
Chroot and "..", Jonathan S. Shapiro, 2005/10/13
Re: Chroot and "..", Marcus Brinkmann, 2005/10/13
Re: Chroot and "..", Jonathan S. Shapiro, 2005/10/13