From mboxrd@z Thu Jan  1 00:00:00 1970
To: 9fans@cse.psu.edu
Subject: Re: [9fans] Private Namespaces for Linux
From: David Gordon Hogan <dhog@plan9.bell-labs.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Message-Id: <20011120225405.6E1E219A77@mail.cse.psu.edu>
Date: Tue, 20 Nov 2001 17:54:01 -0500
Topicbox-Message-UUID: 25c78132-eaca-11e9-9e20-41e7f4b1d025

> set-uid is stupid. So I don't allow it.

Plan 9 doesn't even have set-uid.

But I think you misunderstand.  There are two problems to
be addressed: (1) rogue fileservers serving up set-uid files
(not a problem for 9P, but relevant to Unix-based protocols
like NFS...); (2) attacks like the following:

	$ bind /tmp/passwd /etc/passwd
	$ su

Disallowing su, passwd, sendmail, etc etc isn't really a solution...