From mboxrd@z Thu Jan 1 00:00:00 1970 Date: Fri, 5 Dec 2008 21:24:14 -0800 From: Roman Shaposhnik In-reply-to: To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Message-id: <9364844C-2046-4E9E-B007-40F770B9B8B0@sun.com> MIME-version: 1.0 Content-type: text/plain; delsp=yes; format=flowed; charset=US-ASCII Content-transfer-encoding: 7BIT References: <1aac8590e5d726419683d3f01a9d11f1@quanstro.net> Subject: Re: [9fans] How to implement a moral equivalent of automounter in Plan9? Topicbox-Message-UUID: 5bcf997c-ead4-11e9-9d60-3106f5b1d025 On Dec 2, 2008, at 5:36 PM, Dan Cross wrote: > On Tue, Dec 2, 2008 at 7:07 PM, erik quanstrom > wrote: >> currently one can prevent external changes to a >> namespace by creating a unique ns with rfork. >> if /proc/$pid/ns were writable, one would not not >> be possible without yet another mechanism. > > chmod? I guess it comes back to, "How do you define external." If > you mean another process owned by the same user, then it breaks down > (hello trojan horse). > > There are many things that would be *possible* with /proc, some of > them ill advised. For instance, why can't I 'mkdir /proc/n/' and have > it create a new process? There's an aswer to that given by Ken in the Plan 9 paper: http://www.cs.bell-labs.com/sys/doc/9.html: ----------------------------------------------------------------------------------------------------- Nonetheless, it is possible to push the idea of file-based computing too far. Converting every resource in the system into a file system is a kind of metaphor, and metaphors can be abused. A good example of restraint is/proc, which is only a view of a process, not a representation. To run processes, the usual fork and exec calls are still necessary, rather than doing something like cp /bin/date /proc/clone/mem ------------------------------------------------------------------------------------------------------ Thanks, Roman. P.S. I suppose one might argue that it is also an answer to *my* original question -- /proc//ns is just a representation.