From mboxrd@z Thu Jan  1 00:00:00 1970
MIME-Version: 1.0
In-Reply-To: <634dfe943e8336054b4bb624596e421c@quanstro.net>
References: <df49a7370905050820t21be1d39q2dd93bfae6de54d7@mail.gmail.com>
	<634dfe943e8336054b4bb624596e421c@quanstro.net>
Date: Tue,  5 May 2009 16:44:27 +0100
Message-ID: <df49a7370905050844w5848295k20e5e7109144378b@mail.gmail.com>
From: roger peppe <rogpeppe@gmail.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [9fans] problems with redirection in rc
Topicbox-Message-UUID: f64d5796-ead4-11e9-9d60-3106f5b1d025

in that case, surely it'd be trivial to make a root-suid
executable that allows namespace manipulation in
a non-sensitive area (e.g. /mnt)? maybe it could
be distributed as part of p9p meaning hacks like
$NAMESPACE could go away under linux.
maybe it already has been, and i'm as ignorant as usual.

2009/5/5 erik quanstrom <quanstro@quanstro.net>:
>> yes. it gets around the fact that linux doesn't have per-process namespa=
ces
>> (well if it does, plan9port doesn't use them), so there's no easy
>> way to have a different /dev/label for each 9term.
>
> linux does have per-process namespaces. =C2=A0unfortunately, since linux
> security depends on the namespace, you are not allowed to use
> per process namespaces unless you're the superuser.
>
> - erik
>
>