From mboxrd@z Thu Jan  1 00:00:00 1970
Date: Tue,  9 May 2000 12:55:00 -0400
From: Russ Cox rsc@plan9.bell-labs.com
Subject: [9fans] Plan 9 future (Was: Re: Are the Infernospaces gone?)
Topicbox-Message-UUID: a9004a4a-eac8-11e9-9e20-41e7f4b1d025
Message-ID: <20000509165500.ETlf-rbLdMyNFYocwweD4IZ6vRDM_RPZ8EgP4RvBuIk@z>

  Hmm... OK, so how do you deal with the situation when / is bound onto /mnt
  and luser does chdir("mnt"); n times? You either have to open a DoS
  (kernel memory exhaustion) _or_ forget what n was.

You have users.  They can do whatever they want.
The only difference between denial of service and
legitimate use is intent.  You're trying to protect against
things that you can't fully, at the cost of crippling
the functionality.  There are other ways to induce
kernel memory exhaustion too.  The only way to
protect against all of them is to not let the users
do anything.

  ... I would like to know how do you deal with the situation described
  above. The problem is not implementation-dependent. Again, I can provide
  bind(1) that does the same thing as your bind(1) unless you are trying to
  create a loop. And shell scripts don't do plain syscalls...

To avoid loops, keep a hash table of where you've
been, and don't go to places more than once.  Use
some unique identifier (in Plan 9, the qid and mount
point; in Linux, the inode number perhaps?).

How would bind(1) reproduce the structure?
Is there a way to look at the current namespace?
What if the directories I bound before have been
unmounted from where they came from?

Russ