[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Hurd Projects

From: Thomas Bushnell, BSG
Subject: Re: Hurd Projects
Date: 01 Jan 2002 11:46:39 -0800
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.1 (Niels M繹ller) writes:

> (Thomas Bushnell, BSG) writes:
> > A cautionary note: In Unix, you can use chroot as a security feature
> > because of this fact.  In the Hurd, however, there are other ways to
> > get back the original system root directory, so chroot is no longer
> > as useful for security purposes.
> How? The ability for a process to irrevocably destroy some of its
> capabilities is a nice thing to have. E.g. closing the process'
> root-fs port.

You ask the proc server for the "standard init ports".

I agree that it can be nice to irrevocably destroy capabilities, but
it's not that simple in the Hurd, alas.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]