At Wed, 09 Nov 2005 21:54:52 +0100, Marco Gerards wrote: > > Marcus Brinkmann <[EMAIL PROTECTED]> writes: > > > The active translator problem seems serious to me. Without any > > guarantee about the implementation of a service, you can not know what > > it does. This means that you must be prepared for any malicious > > behaviour, including: no response (stalling the client), infinite > > virtual directory tree, confusing inode numbers and link counts, > > rapidly changing filesystem structure (to trigger race conditions) etc > > etc. > > > > This is why in FUSE, users don't see the user filesystems of other > > users. I am afraid that given the seriousness of the problem, this is > > the only sane option. Only with a broader semantic framework can you > > re-enable sharing on a case by case basis. > > This was discussed on bug-hurd before. Doesn't the proposed solution > of making it possible for the user to configure which translators are > trusted and which are not? For example, I could configure I only want > to follow translators set by root and myself.
Yes, but it reduces the advantages of translators. It defeats the design to some extent. Thanks, Marcus _______________________________________________ Bug-hurd mailing list Bug-hurd@gnu.org http://lists.gnu.org/mailman/listinfo/bug-hurd
