From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <0b8f4b1ddf8e16d6b52a713b01ee2e92@terzarima.net> From: Charles Forsyth Date: Sun, 28 Oct 2007 20:37:14 +0000 To: 9fans@cse.psu.edu Subject: Re: [9fans] security In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Topicbox-Message-UUID: dd3422e6-ead2-11e9-9d60-3106f5b1d025 >Or knows how to > import other parts of the namespace into its process? that can itself only be done through the name space, so the program can only do that if the means are provided in the name space it was given. the existence of `name spaces' by itself does nothing for security (which is one reason adding them to linux does nothing very much that way), but because in plan 9 most (but not all) system services are ultimately accessed and controlled using names in a name space, controlling the name space goes a long way to avoiding having to deal with each thing separately (let alone having to worry about combinations of them). name spaces don't stop all irregular behaviour (rfork would need to be controlled, for instance if you were to run arbitrary programs), but it's possible to make statements about what a program can or cannot do based on what it's given in its name space.