From: presotto@plan9.bell-labs.com
To: 9fans@cse.psu.edu
Subject: Re: [9fans] string to list?
Date: Sun, 10 Jun 2001 21:45:35 -0400 [thread overview]
Message-ID: <20010611014537.27D2D199C0@mail.cse.psu.edu> (raw)
[-- Attachment #1: Type: text/plain, Size: 585 bytes --]
Turning off the ability to use pipes and the environment means you
pretty much can't run any programs. Turning of the ability to
open /dev/fd doesn't really save anything since you can always
dup.
The only ones that are really a problem are devproc and devcons. They
are used for access to notes and to console i/o. They were left
on since devcons protects itself, only the host owner can do anything
important, and devproc needs to be linked in anyways so that stuff
like notes works. Access to devproc needs to be rethought. I'm not sure the
right semantics though.
[-- Attachment #2: Type: message/rfc822, Size: 1528 bytes --]
From: Scott Schwartz <schwartz@bio.cse.psu.edu>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] string to list?
Date: Sun, 10 Jun 2001 19:35:27 -0400
Message-ID: <20010610233528.26933.qmail@g.bio.cse.psu.edu>
| You can turn off access to all '#' devices except #{|decp}. Look
| at RFNOMNT on rfork. I believe 'rfork m' in rc does an rfork(RFNOMNT).
The manpage doesn't mention those exceptions. Why can't you turn off
access to them too?
next reply other threads:[~2001-06-11 1:45 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-06-11 1:45 presotto [this message]
-- strict thread matches above, loose matches on Subject: below --
2001-06-10 23:22 presotto
2001-06-10 23:35 ` Scott Schwartz
2001-06-10 22:36 Jonathan Sergent
2001-06-11 0:15 ` Matt
2001-06-11 10:18 ` Laura Creighton
2001-06-11 10:38 ` Matt
[not found] <vikki@proweb.co.uk>
2001-06-10 17:32 ` vikki
2001-06-10 17:47 ` Boyd Roberts
2001-06-10 17:55 ` Boyd Roberts
2001-06-10 18:03 ` Scott Schwartz
2001-06-10 21:48 ` Matt
2001-06-10 22:24 ` Scott Schwartz
2001-06-10 22:30 ` Boyd Roberts
2001-06-10 11:14 Matt
2001-06-10 14:46 ` Boyd Roberts
2001-06-10 21:01 ` Matt
2001-06-10 21:09 ` Boyd Roberts
2001-06-10 15:20 ` andrey mirtchovski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20010611014537.27D2D199C0@mail.cse.psu.edu \
--to=presotto@plan9.bell-labs.com \
--cc=9fans@cse.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).