From mboxrd@z Thu Jan 1 00:00:00 1970 From: Dave Eckhardt Subject: Re: [9fans] https/factotum question To: 9fans@cse.psu.edu In-Reply-To: <110ac39c99871b98c5739a23de17b6e2@swtch.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <6196.1140651074.1@piper.nectar.cs.cmu.edu> Date: Wed, 22 Feb 2006 18:31:15 -0500 Message-ID: <6197.1140651075@piper.nectar.cs.cmu.edu> Topicbox-Message-UUID: 048f0be6-ead1-11e9-9d60-3106f5b1d025 > your only option is to open the fd for mounting the secret > factotum, then call becomenone(), then mount the fd, which > is still open but otherwise inaccessible to you. That is sort of what I meant. So I'd need a command line flag which would open a service file descriptor (e.g., /srv/factotum but maybe something else) and then mount it in the address space afterward. I wonder how much of it I could do with a shell script and a custom namespace file, i.e., open the service descriptor as /fd/NN and then in the namespace file mount /fd/NN as /mnt/factotum? > the web server isn't signing pages, just that the connection > is to the right machine. One of the things I like about Plan 9 is that in theory sealed name spaces should enable genuine "least privilege" protection domains in a way that Unix can't do, and I'd kind of like to push that envelope a bit. Dave Eckhardt