Re: Using fs views to isolate untrusted processes: I need an assistantarchitect in the USA for Phase I of a DARPA funded linux kernel project

From: Hans Reiser
Date: Thu Aug 26 2004 - 04:43:57 EST

Next message: Christoph Hellwig: "Re: silent semantic changes with reiser4"
Previous message: Christoph Hellwig: "Re: silent semantic changes with reiser4"
In reply to: Hans Reiser: "Re: Using fs views to isolate untrusted processes: I need an assistantarchitect in the USA for Phase I of a DARPA funded linux kernel project"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Rik van Riel wrote:

On Sun, 1 Aug 2004, Hans Reiser wrote:

You can think of this as chroot on steroids.

Sounds like what you want is pretty much the namespace stuff
that has been in the kernel since the early 2.4 days.

No need to replicate VFS functionality inside the filesystem.

It differs in that it has masks (view specifications), they scale well, their collection and specification is well automated, and they are attached to the process executable rather than in some centralized place (that is, they are process oriented not object oriented (traditional) and not centralized. Users without root can use them and be trusted with the power to do so.

Hans
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Christoph Hellwig: "Re: silent semantic changes with reiser4"
Previous message: Christoph Hellwig: "Re: silent semantic changes with reiser4"
In reply to: Hans Reiser: "Re: Using fs views to isolate untrusted processes: I need an assistantarchitect in the USA for Phase I of a DARPA funded linux kernel project"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]