From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.0 required=5.0 tests=DKIM_INVALID,DKIM_SIGNED,
	NICE_REPLY_A,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no
	version=3.4.4
Received: (qmail 17769 invoked from network); 31 May 2022 16:08:43 -0000
Received: from 9front.inri.net (168.235.81.73)
  by inbox.vuxu.org with ESMTPUTF8; 31 May 2022 16:08:43 -0000
Received: from mail.posixcafe.org ([45.76.19.58]) by 9front; Tue May 31 12:05:18 -0400 2022
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=posixcafe.org;
	s=20200506; t=1654013114;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=Q8toPLDbj7xBoSkWiRNaQhrTJrQ7oehygRLSOKmRxts=;
	b=VouJg9nFa9W78UvPO4VvFZR3eP2ffNoSQn5QZeMPJZuAj4sFmrecwHKwfUUqU/lD9Iw6i2
	qxDux5DZeWCORyo5oesvR2KWJmN7YqJK9e8Y/5sEyG4B2eDqNQKZDZGit3+Pvp55p1WNN/
	JVuQr2HBwnJumGHOeAXHn13JuutZlpU=
Received: from [192.168.168.200] (161-97-228-135.lpcnextlight.net [161.97.228.135])
	by mail.posixcafe.org (OpenSMTPD) with ESMTPSA id d0086c13 (TLSv1.3:TLS_AES_256_GCM_SHA384:256:NO)
	for <9front@9front.org>;
	Tue, 31 May 2022 11:05:14 -0500 (CDT)
Message-ID: <fa5b5eb1-bf4e-ba56-6922-1f3bca25824e@posixcafe.org>
Date: Tue, 31 May 2022 10:04:50 -0600
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101
 Thunderbird/91.8.1
Content-Language: en-US
To: 9front@9front.org
References: <b3419c6e-04a8-69f0-f7da-badbf0721155@posixcafe.org>
 <847F45EC7225C1D0B69E796B69D6E3ED@eigenstate.org>
 <CAFSF3XOFoOwjY+SDNyDVo8dL8-VM_Y4uBjc=Q_GoqG5PCM2-eA@mail.gmail.com>
 <475b654b-641e-6f08-c5bc-bcf6aab4f51a@posixcafe.org>
From: Jacob Moody <moody@mail.posixcafe.org>
In-Reply-To: <475b654b-641e-6f08-c5bc-bcf6aab4f51a@posixcafe.org>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
List-ID: <9front.9front.org>
List-Help: <http://lists.9front.org>
X-Glyph: ➈
X-Bullshit: base realtime-java XML self-signing storage 
Subject: Re: [9front] [PATCH] private /srv attach option
Reply-To: 9front@9front.org
Precedence: bulk

On 5/31/22 09:09, Jacob Moody wrote:
> I explicitly do not want chdev to proliferate to every program on the system like openBSD's pledge. It is designed to be used at the very edge

To clarify, I dont think this is something we should absolutely avoid. I just dont want to feel like we need to touch every program on the system.
But I have put in some thought to how we would go about this if we wanted to more closely emulate it:

* chdev could grow a -c flag for setting permissions of it's child.
	Child would be defined as the direct RFCNAMEG namespace descendant. Default
	would be to inherit parents unless it was been explicitly set otherwise.
	This allows a child to have more capabilities then the parent.

* /dev/drivers could be moved to it's own driver
	This would make it a bit nicer for removing the ability to further modify
	the set of capabilities of it's child. It being bundled in the devcons
	kind of muddies this.


Some more food for thought.

Thanks,
moody