[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: chroot issues and http://tri-ceps.blogspot.com/2007/07/theory-of-fil
From: |
Richard Stallman |
Subject: |
Re: chroot issues and http://tri-ceps.blogspot.com/2007/07/theory-of-filesystem-relativity .html |
Date: |
Wed, 10 Oct 2007 09:01:49 -0400 |
But since you cannot escape a sub-hurd currently, it has limit use;
one cannot run for example a web server inside a sub-hurd for security
reasons, since you cannot send things outside of the sub-hurd (no
access to the network).
Now we are getting at the real issues. For most purposes, we would
need the sub-hurd to allow certain limited ways of writing data out of
the sub-hurd.
Would you like to work on implementing such facilities for sub-hurds?
It just occured to me that another way to allow a sub-hurd to
communicate outside of its enviroment is to run a server outside the
enviroment, that listens and intercepts communication, and injects
messages into the sub-hurd enviroment.
I do not really understand what that means. Could you describe
it in more detail and more concretely?