From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID: <458d6ee210e735a9603280e2af71077e@quanstro.net>
To: 9fans@9fans.net
From: erik quanstrom
Date: Tue, 23 Dec 2008 20:39:27 -0500
In-Reply-To: <20081224011053.GP9593@masters10.cs.jhu.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Subject: Re: [9fans] sendfd() on native Plan 9?
Topicbox-Message-UUID: 6ea5f5fa-ead4-11e9-9d60-3106f5b1d025

> /srv is not an ideal answer, though it is the one I feared would be given.
> /srv allows any process running as a given user to access the posted fd, and
> does not respect namespace or process group boundaries. I want a mechanism
> to pass a file descriptor to one target process so that I can pass an fd
> across namespaces without giving _all_ namespaces access to said fd.
>
> A /srv that 1) was not enumerable, 2) allowed only single opens, and 3) used
> secure identifiers (capabilities, similar to devcap) would suffice, as
> processes could post an fd to receive an identifier, pass the identifiers to
> another process, and then turn the identifier into an fd.

on unix, which is not a distributed system, passing fds around
makes a certain amount of sense. in plan 9, i would think that
the ideal answer would need to allow for the unrelated processes
running on separate machines. i would also think that it would
allow the standard authentication mechanisms to work. fds really
don't fit either one of those criteria.

but we're talking generalities. what's the specific application?

- erik