From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID:
Date: Sun, 28 Oct 2007 13:59:48 -0200
From: "Iruata Souza"
To: "Fans of the OS Plan 9 from Bell Labs" <9fans@cse.psu.edu>
Subject: Re: [9fans] security
In-Reply-To: <4724B007.6090908@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <2cc6e509319590eee5371dc0def82e1a@9netics.com> <4724B007.6090908@gmail.com>
Topicbox-Message-UUID: dcdbff08-ead2-11e9-9d60-3106f5b1d025

On 10/28/07, don bailey wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> > in that case, one should build a sandbox, climb into it and import the
> > fs. the potential damage is contained. maybe 9fs should have an
> > option to do that.
> >
>
> What if the trojan broke out of that sandbox? Or knows how to
> import other parts of the namespace into its process? Namespaces
> on Plan 9 are nice, but they absolutely do not constitute a safe
> sandbox. Boo easy answers.
>

ok, so can I suppose you know how to do that?
if so, do you have a better idea for sandboxing?
if not, maybe it should be good for you to think in terms of what you
or someone else already got working instead of saying every little
thing that comes to your mind.
for example, could you argue (preferably with source code) why
namespaces aren't safe sandboxing? if it is as easy as you say it is,
I guess you already got ways of bypassing it.

iru