From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: References: Date: Tue, 19 Jul 2011 10:50:29 +0300 Message-ID: From: Eugene Gorodinsky To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [9fans] novel userspace paradigms introduced by plan 9 Topicbox-Message-UUID: 03d3dc4e-ead7-11e9-9d60-3106f5b1d025 One could probably create several fileservers that provide access to the syscalls through the file interface, run them while the system still is in single user mode, then restrict access to those system calls through the capabilities system. I haven't tried it though, so I can't tell for sure, but, from the looks of it, it is possible. 2011/7/18 Charles Forsyth : > that's certainly a restriction, but a bigger one is that name spaces > really come into their own when many, even most, resources are represente= d > through the name space, and it makes sense to remap the name space to cha= nge > the actual resources accessed through a name. on Linux, significant thing= s > are accessed through special system calls and mechanisms, and not through > its name space. > > ---------- =D0=9F=D0=B5=D1=80=D0=B5=D1=81=D1=8B=D0=BB=D0=B0=D0=B5=D0=BC= =D0=BE=D0=B5 =D1=81=D0=BE=D0=BE=D0=B1=D1=89=D0=B5=D0=BD=D0=B8=D0=B5 -------= --- > From:=C2=A0Eugene Gorodinsky > To:=C2=A0Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> > Date:=C2=A0Mon, 18 Jul 2011 11:32:17 +0300 > Subject:=C2=A0Re: [9fans] novel userspace paradigms introduced by plan 9 > That would be the only problem, yeah. > > 2011/7/17 Charles Forsyth : >>>CLONE_NEWNS? >> >> privileged processes only >> >> >