Date: Thu, 10 Apr 2003 00:28:04 -0700 From: David Schultz <das@FreeBSD.ORG> To: Alfred Perlstein <bright@mu.org> Cc: Mike Barcroft <mike@FreeBSD.ORG> Subject: Re: cvs commit: src/usr.bin/killall killall.1 killall.c src/usr.sbin Makefile src/usr.sbin/jail jail.8 jail.c src/usr.sbin/jexec Makefile jexec.8 jexec.c src/usr.sbin/jls Makefile jls.8 jls.c Message-ID: <20030410072804.GA2084@HAL9000.homeunix.com> In-Reply-To: <20030409233505.GH30960@elvis.mu.org> References: <20030409230425.GB1280@garage.freebsd.pl> <Pine.NEB.3.96L.1030409191320.31027B-100000@fledge.watson.org> <20030409233505.GH30960@elvis.mu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Apr 09, 2003, Alfred Perlstein wrote: > * Robert Watson <rwatson@FreeBSD.org> [030409 16:24] wrote: > > > > On Thu, 10 Apr 2003, Pawel Jakub Dawidek wrote: > > > > > > And there can't be names spoofing. (If, ofcourse '.' is invalid char in > > > jail name:)). > > > > Sounds reasonable to me, although a bit more trouble to parse and render > > :-). > > And what kind of path seperator is '.'? Well *someone* has never seen TOPS 20. ;-) FWIW, I've implemented a similar system of hierarchical protection boundaries before, and I wound up doing the parsing in userland and passing an array of integers to the kernel. (I limited the depth to 8, which is kludgy but sufficient in practice.) For what I was doing race conditions were not an issue, but they might be problematic here.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030410072804.GA2084>