[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: chroot issues and http://tri-ceps.blogspot.com/2007/07/theory-of-fil
|
From: |
Alfred M. Szmidt |
|
Subject: |
Re: chroot issues and http://tri-ceps.blogspot.com/2007/07/theory-of-filesystem-relativity .html |
|
Date: |
Tue, 18 Sep 2007 21:42:48 +0200 (CEST) |
I think people are concentrating on the outdated chroot model far to
much. The Hurd already has a immensly secure way to create a secure
box from which one cannot escape, it is called a sub-hurd.
It would be useful to make a precise proposal to eliminate chroot as a
mechanism and use sub-hurds to do the same job. Then people could look
for flaws in it and we could see if it really works.
I'm not sure what such a proposal would look like, or how one would
find flaws in it. A sub-hurd is a completely seperate system running
within a system. It has a completely seperate space, and does not
share anything with the host system, not even devices (hence the need
to somehow poke holes in a sub-hurd so devices can be shared).
It is like emulating a system within a system, but without emulating
the hardware. Where as a chroot simply changes where / is located (in
very simplistic terms).