help-hurd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Running custom base servers


From: Marcus Brinkmann
Subject: Re: Running custom base servers
Date: Wed, 2 Apr 2003 15:40:44 +0200
User-agent: Mutt/1.5.3i

On Wed, Apr 02, 2003 at 02:31:49PM +0200, Ludovic Courtès wrote:
> Currently, the exec server seems to be the only base server which can be
> dynamically changed by setting the appropriate environment variable (at
> least theoritically since this code is commented out).

CRASHSERVER should work.  That is, currently core dumping crashes the kernel
anyway, but at least CRASHSERVER env variable should be honored.

EXECSERVER is disabled because of unspecified security concerns.

Other servers like auth, proc and init are set per-task (see fakeauth for
example).  I am not sure what the story is with init.

What else is there?  password, socket and defpager.
Well, ok.  It's probably harmless for those to be overridable.
Esp socket would be useful, I guess, although I am not sure about the exact
syntax, as you'd probably want it to be replacable on a per protocol basis.
 
> If a user wants to use a custom base server (one of those that lie
> in /servers) instead of/stacked on top of the original equivalent
> Hurd server, the only solution would be to chroot to an environment
> where the root is a unionfs of the real root filesystem and of a
> user-provided servers directory.  Thus, the C library (and other
> programs) would transparently use the user-provided servers.
>
> However, would unionfs be able to "override" the original /servers
> directory with the user-provided directory?  In short, would it really
> work as expected? ;)

Yes, this should work, although it is probably better to make it a default
feature of the Hurd whereever possible, so just setting environment
variables works, too.  Note that you must then be more careful about suid
programs (while in the chroot case suid programs will be taken care of by
the filesystem they are on, ie the root filesystem - they will not see the
unionfs at all).

Thanks,
Marcus


-- 
`Rhubarb is no Egyptian god.' GNU      http://www.gnu.org    marcus@gnu.org
Marcus Brinkmann              The Hurd http://www.gnu.org/software/hurd/
Marcus.Brinkmann@ruhr-uni-bochum.de
http://www.marcus-brinkmann.de/




reply via email to

[Prev in Thread] Current Thread [Next in Thread]