| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Aug 2012 19:40:28 +0100 From: Alan Cox <alan@...rguk.ukuu.org.uk> To: "H. Peter Anvin" <hpa@...or.com> Cc: Stanislav Kinsbursky <skinsbursky@...allels.com>, Trond.Myklebust@...app.com, davem@...emloft.net, linux-nfs@...r.kernel.org, eric.dumazet@...il.com, xemul@...allels.com, netdev@...r.kernel.org, linux-kernel@...r.kernel.org, bfields@...ldses.org, viro@...iv.linux.org.uk, tim.c.chen@...ux.intel.com, devel@...nvz.org Subject: Re: [RFC PATCH 0/2] net: connect to UNIX sockets from specified root > > AF_UNIX between roots raises some interesting semantic questions when > > you begin passing file descriptors down them as well. > > Why is that? A file descriptor carries all that information with it... Things like fchdir(). It's not a machine breaking problem but for containers as opposed to chroot we need to be clear what the expected isolation sematics are. Agreed on open() for sockets.. the lack of open is a Berklix derived pecularity of the interface. It would equally be useful to be able to open "/dev/socket/ipv4/1.2.3.4/1135" and the like for scripts and stuff That needs VFS changes however so you can pass the remainder of a path to a device node. It also lets you do a lot of other sane stuff like open /dev/ttyS0/9600/8n1 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists