On Wed, Dec 24, 2008 at 12:53:06AM +0100, Francisco J Ballesteros wrote:
> You can post a fd at /srv for others to use

/srv is not an ideal answer, though it is the one I feared would be given. /srv allows any process running as a given user to access the posted fd, and does not respect namespace or process group boundaries. I want a mechanism to pass a file descriptor to one target process so that I can pass an fd across namespaces without giving _all_ namespaces access to said fd.

A /srv that 1) was not enumerable, 2) allowed only single opens, and 3) used secure identifiers (capabilities, similar to devcap) would suffice, as processes could post an fd to receive an identifier, pass the identifiers to another process, and then turn the identifier into an fd.

--nwf;
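
The three properties asked for above (no enumeration, single open, unguessable identifier), modeled as an added example that is not part of the original message and is not Plan 9 code. It runs inside one POSIX process with ordinary file descriptors; the names FdBroker, post and redeem are hypothetical, and namespace boundaries are not modeled.

```python
import os
import secrets


class FdBroker:
    """In-process model of the proposed service (hypothetical name).

    No method lists the table, an identifier is 128 random bits,
    and a successful redeem removes the entry.
    """

    def __init__(self):
        self._posted = {}  # identifier -> duplicated fd; never exposed

    def post(self, fd):
        """Hold a duplicate of fd and return a fresh unguessable identifier."""
        ident = secrets.token_hex(16)
        self._posted[ident] = os.dup(fd)
        return ident

    def redeem(self, ident):
        """Exchange an identifier for the fd exactly once."""
        # pop() makes lookup and removal one step, so a second
        # redeem of the same identifier cannot succeed.
        fd = self._posted.pop(ident, None)
        if fd is None:
            raise PermissionError("unknown or already-used identifier")
        return fd


def demo():
    """Constructed scenario: pass the read end of a pipe through the broker."""
    broker = FdBroker()
    r, w = os.pipe()
    ident = broker.post(r)
    os.close(r)                      # poster drops its own copy
    got = broker.redeem(ident)       # the one intended receiver
    os.write(w, b"hello")
    data = os.read(got, 5)
    try:
        broker.redeem(ident)         # anyone replaying the identifier
        replay_ok = True
    except PermissionError:
        replay_ok = False
    os.close(got)
    os.close(w)
    return data, replay_ok


if __name__ == "__main__":
    print(demo())
```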