Re: Hurdish applications for persistence

[Jonathan S. Shapiro]

On Thu, 2005-10-13 at 02:07 +0200, Marcus Brinkmann wrote:
> > And I still consider chroot as a bad example, and consider sub-hurds
> > (or some form of them) far more flexible than chroot().
>
> As said
> previously, this is exactly what needs consideration.  It's not
> something that can be invoked by a magic hand wave.  This "some form"
> is not going to magically pops up into existance.  It requires careful
> consideration and design, and, yes, some form of a working "chroot"
> (which I will happily give it another name as to not confuse it with
> the Unix chroot() call.  Let's say chr00t.).

Umm, guys? Chroot() was a late bolt-on to UNIX that attempted to provide
a best-effort approximation to confinement in a system where it was way
too late to do the real thing.

Are we committed to copying other people's panic patches? Because I'm
thinking that we now know how to do fine grain confinement for real at
essentially zero cost, in a way that still allows for the selective
communication in the ways that Marcus wants to preserve. Dennis didn't
have a choice, because the problem wasn't solved until long after the
core UNIX API was frozen and in any case they didn't have orthogonal
persistence to build on.

There may be a good reason to copy a known bad quick patch when we now
have a better solution, but could somebody explain it to me?



shap