From: Lucio De Re <lucio@proxima.alt.za>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] getenv/putenv
Date: Mon, 19 Mar 2001 17:21:20 +0200 [thread overview]
Message-ID: <20010319172118.U10659@cackle.proxima.alt.za> (raw)
In-Reply-To: <20010319144040.8224B199D5@mail.cse.psu.edu>; from presotto@plan9.bell-labs.com on Mon, Mar 19, 2001 at 09:40:37AM -0500
On Mon, Mar 19, 2001 at 09:40:37AM -0500, presotto@plan9.bell-labs.com wrote:
>
> I think you're right. We not as env crazy as Unix is so the risk is
> lower but not nonexistant of somehow fooling a program to write
> something, so why have it at all. Anyone else want to comment?
> If not, I'll just check for '/' in getenv/putenv names and punt
> if I find one.
Maybe unrelated to the above, and maybe not altogether, although
I can't quite make the connection (been up too long :-)
Been thinking that there ought to be an API/9P function to "drop"
irrecoverably parts of the user namespace. Make them go away in
a particular context. You can always mount a lower branch and make
the rest go, if you want to. Maybe even keep the mount point but
make its contents invisible, or whatever (this last could be done
as things stand now, in a practical sense, bit it is reversible,
which I think should not be the case).
Of course, such a feature may already exist and I'm just displaying
my ignorance, but I have thought about it and nothing I've looked
at seemed to do the trick. If on the other hand you Bell Labs
folks have looked at it already and discarded it as possibility,
I would be curious to know why. From my point of view it is an
interesting way to provide a degree of security and protection,
specially against trojan horses.
++L
next prev parent reply other threads:[~2001-03-19 15:21 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-03-19 14:40 presotto
2001-03-19 15:21 ` Lucio De Re [this message]
2001-03-19 15:58 presotto
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20010319172118.U10659@cackle.proxima.alt.za \
--to=lucio@proxima.alt.za \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).