From: Eric Van Hensbergen <ericvh@gmail.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Subject: Re: [9fans] v9fs question
Date: Tue, 14 Jul 2009 09:26:19 -0500 [thread overview]
Message-ID: <a4e6962a0907140726g73ddb87p32f64046c4e80fea@mail.gmail.com> (raw)
In-Reply-To: <481af4553e8634d02adcbb5a858e926f@quanstro.net>
On Tue, Jul 14, 2009 at 8:23 AM, erik quanstrom<quanstro@quanstro.net> wrote:
>> Main annoyance is the lack of a proper srv device in Linux to
>> facilitate sharing already open connections. This is t a problem for
>> per-user mounts --- but is a problem for private namespaces. You can
>> use p9p srv as mentioned elsewhere in this thread, but then you incur
>> some additional overhead.
>
> unless this is unmanagable slowness, wouldn't worring about
> performance at this stage only stand in the way of getting
> something working?
>
Is something not working? My understanding of the situation is that
many folks have a workable solution with p9p. The issues are ones of
security, convenience and potentially performance. I'm not really a
security expert, so I'll refrain from commenting on the first issue
outside of the fact that there are concerns with the use of setuid
applications, public mount points, and user-space managed connections
to file systems (the latter only being a concern if the file system in
question is the root partition).
Outside of security, the option of tighter auth integration (via the
keyring mechanism and fixing 9p.auth in v9fs) with the kernel module
is primarily a convenience issue with a side-dish of performance.
All that being said, I have no issues with the private mount approach,
and have advocated it both via a paper
(http://citeseer.ist.psu.edu/746023.html) and in the LKML mailing list
discussions on removing privilege restrictions from the Linux mount
system call.
-eric
next prev parent reply other threads:[~2009-07-14 14:26 UTC|newest]
Thread overview: 65+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-07-11 18:46 Tim Newsham
2009-07-11 18:50 ` Eric Van Hensbergen
2009-07-11 19:03 ` Tim Newsham
2009-07-11 19:47 ` Eric Van Hensbergen
2009-07-11 20:03 ` J.R. Mauro
2009-07-12 3:19 ` Uriel
2009-07-13 8:24 ` sqweek
2009-07-13 8:51 ` hiro
2009-07-13 14:20 ` Eric Van Hensbergen
2009-07-13 20:44 ` hiro
2009-07-13 21:45 ` hiro
2009-07-13 22:05 ` Eric Van Hensbergen
2009-07-13 22:18 ` J.R. Mauro
2009-07-13 23:16 ` ron minnich
2009-07-13 23:22 ` Eric Van Hensbergen
2009-07-13 23:37 ` ron minnich
2009-07-13 23:47 ` Eric Van Hensbergen
2009-07-13 23:41 ` J.R. Mauro
2009-07-13 23:50 ` erik quanstrom
2009-07-14 0:00 ` J.R. Mauro
2009-07-14 0:06 ` erik quanstrom
2009-07-14 0:01 ` Eric Van Hensbergen
2009-07-14 0:08 ` ron minnich
2009-07-14 0:46 ` J.R. Mauro
2009-07-14 0:42 ` J.R. Mauro
2009-07-14 0:58 ` Eric Van Hensbergen
2009-07-14 1:28 ` Latchesar Ionkov
2009-07-14 1:35 ` Devon H. O'Dell
2009-07-14 2:05 ` Tim Newsham
2009-07-14 0:42 ` Tim Newsham
2009-07-14 0:50 ` erik quanstrom
2009-07-14 0:56 ` Eric Van Hensbergen
2009-07-14 4:51 ` lucio
2009-07-14 4:29 ` lucio
2009-07-14 4:26 ` lucio
2009-07-13 22:00 ` Eric Van Hensbergen
2009-07-14 19:05 ` sqweek
2009-07-14 20:11 ` Eric Van Hensbergen
2009-07-13 14:59 ` lucio
2009-07-13 15:04 ` Eric Van Hensbergen
2009-07-13 15:08 ` Latchesar Ionkov
2009-07-13 19:51 ` Tim Newsham
2009-07-14 7:34 ` sqweek
2009-07-14 11:08 ` roger peppe
2009-07-14 11:20 ` hiro
2009-07-14 12:48 ` Eric Van Hensbergen
2009-07-14 15:45 ` ron minnich
2009-07-14 16:31 ` Tim Newsham
2009-07-14 20:21 ` roger peppe
2009-07-14 13:10 ` Eric Van Hensbergen
2009-07-14 13:23 ` erik quanstrom
2009-07-14 14:26 ` Eric Van Hensbergen [this message]
2009-07-14 14:44 ` erik quanstrom
2009-07-14 14:33 ` Latchesar Ionkov
2009-07-14 14:54 ` Eric Van Hensbergen
2009-07-14 15:01 ` erik quanstrom
2009-07-14 15:13 ` Eric Van Hensbergen
2009-07-14 15:19 ` erik quanstrom
2009-07-14 15:37 ` Eric Van Hensbergen
2009-07-14 16:12 ` erik quanstrom
2009-07-14 16:19 ` Eric Van Hensbergen
2009-07-14 15:06 ` Latchesar Ionkov
2009-07-14 15:48 ` ron minnich
2009-07-14 15:59 ` Eric Van Hensbergen
2009-07-14 14:37 ` Latchesar Ionkov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=a4e6962a0907140726g73ddb87p32f64046c4e80fea@mail.gmail.com \
--to=ericvh@gmail.com \
--cc=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).