Re: General questions

From: Valdis.Kletnieksat_private
Date: Sun Feb 02 2003 - 22:59:10 PST

  • Next message: Russell Coker: "Re: General questions"

    On Mon, 03 Feb 2003 01:51:44 EST, "Serge E. Hallyn" <hallynat_private>  said:
    
    > (*) Every process sees it's own results at the same filename, so typing
    >   echo /home/$USER/.aliases > /dte/get_type
    >   cat /dte/get_type
    > at a shell returns the (non-existant) results for the new 'cat' process,
    > not the shell.  It's fine if you continue to use a short program to both
    > write the query and obtain the results, but you don't get the
    > plan-9-esque elegance which a pseudo-fs should provide.  Since
    > presumably everyone will be implementing a pseudo-fs soon, and since it
    > seems worthwhile for the modules to each use a similar layout for the
    > pseudo-fs, what do other people think?  Is a /pseudo-fs/pid/filename
    > layout better, or just needless added complexity?
    
    /pseudo/pid/filename - you then DO have to implement proper permission
    checking, but authorized tools can then use it to look at other processes.
    There's already an expectation that things Should Work This Way (see /proc).
    -- 
    				Valdis Kletnieks
    				Computer Systems Senior Engineer
    				Virginia Tech
    
    
    
    

    _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module



    This archive was generated by hypermail 2b30 : Sun Feb 02 2003 - 23:00:32 PST