Date:	Wed, 12 Nov 2008 18:24:24 -0800
From:	Stephen Hemminger <shemminger@...tta.com>
To:	"Fred ." <eldmannen@...il.com>
Cc:	linux-api@...r.kernel.org, netdev@...r.kernel.org
Subject: Re: /net

On Thu, 13 Nov 2008 02:25:33 +0100
"Fred ." <eldmannen@...il.com> wrote:

> Plan 9 has a /net directory.
> 
> 
> /net is the API for all TCP/IP, and it can be used even with scripts
> or shell tools, writing data to control files to write and read
> connections. Relevant sub-directories like /net/tcp and /net/udp are
> used to interface to prospective protocols. You can implement a NAT by
> mounting a /net from a perimeter machine with a public IP, while
> connecting to it from an internal network of private IP addresses,
> using the Plan 9 protocol 9P in the internal network. Or you can
> implement a VPN by mounting a /net directory from a remote gateway,
> using secured 9P over the public Internet.
> 
> Here would be an example of using union (a stack) directories in /net:
> just like inheritance in OOP, you can take one (possibly remote)
> /special directory and bind another local special directory on top of
> that, adding some new control files and hiding others. The union
> directory now is like a child object instance of the original parent.
> The functionality of the original can be partially modified. Consider
> the /net file system. If you modify or hide its /net/udp sub-directory
> you may control or extend the UDP interface with local filter
> processes, still leaving the original /net/tcp running intact, perhaps
> in a remote machine. Note that name space is per process: if you give
> an untrusted application a limited, modified /net union directory, you
> restrict its access to the net.
> 
> All this makes it easy to combine "objects" or file systems written in
> different languages on different systems, while using standard naming,
> access control and security of the file system, largely transparently
> to the programmer.
> 
> 
> I saw that Linux implemented many things from Plan 9 such as /proc,
> union mounts, etc. Will Linux also implement /net ?

Sure, patches accepted for review anytime :-)