l4-hurd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hurdish applications for persistence


From: ams
Subject: Re: Hurdish applications for persistence
Date: Wed, 12 Oct 2005 12:54:59 +0200

   It is not true that "chroot is insecure on all platforms".

All UNIXoid platforms.  There are several ways to break out of a
chroot on them.

   If you are looking for an alternative, one that works and is
   actually used around the world, have a look at BSD jails.  They
   provide a more thorough encapsulation than chroot.

BSD jails use chroot AFAIK.

   You keep beating on subhurds, but you fail to show how they are
   relevant in this discussion at all.  A subhurd is as relevant here
   as a second machine, with its own copy of the operating system.
   Right, a second machine is encapsulated, it can not access the
   files on the first machine.  What's your point?

My point is that a chroot() isn't suitable for us (in the current
situation), and we should use something else instead of doing a full
rewrite of everything.

You are trying to fit the Hurd into POSIX, which is simply the wrong
kind of thinking.




reply via email to

[Prev in Thread] Current Thread [Next in Thread]