On Wed, 2007-06-20 at 16:20 +0200, Neal H. Walfield wrote: > What is a pseudo-chroot? > > I think what you are proposing is essentially filtering the global > name space via some fancy translator.
Yes, just that. > When we are just interested in > overriding a small parts of the environment and the rest represents a > reasonable default, this may be fine. Such an approach is, however, > completely contrary to POLP. I think the right direction is private > name spaces, which can be achieved by passing capabilities. That was > the other part of my suggestion. Private namespaces are another excellent idea; they are perhaps harder to work into the current framework unless there's a trick I haven't thought of. I'm not trying to dampen the env-variable trick too; let a thousand flowers bloom! Thomas
signature.asc
Description: This is a digitally signed message part
_______________________________________________ Bug-hurd mailing list Bug-hurd@gnu.org http://lists.gnu.org/mailman/listinfo/bug-hurd
