help-hurd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: If QNX is successful, why NOT GNU Microkernels


From: Niels Möller
Subject: Re: If QNX is successful, why NOT GNU Microkernels
Date: 27 Jan 2004 13:08:31 +0100
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2

Olivier Galibert <galibert@pobox.com> writes:

> Well, the main questions I see that I was unable to find a good answer
> about last time I looked were:
> 
> - when doing a find, how do you recognize a translator you want to
>   follow from one you don't, especially since it varies depending on the
>   reason of the find.

You should be able to get find and other programs to not follow
translators at all (using O_NOTRANS). That's the crucial part. I'm not
sure exactly how you would to it, but -mount/-xdev should probably
imply that mode of operation.

More fine grained configuration is possible but not implemented.

> - what happens to translators through nfs or other networked
>   filesystems

Not sure what you mean here.

> - who runs a translator, with what environment (very important with
>   shared libs), with what parameters (if any).

Passive translators are the interesting case, I think. They are
started with the privileges of the user who owns the node on which the
translator is installed (and that's also the only user (besides root)
that can install the translator there in the first place). Assuming
that the parent filesystem has enough privileges itself to arrange
that.

It inherits its environment, root directory and other stuff from its
parent file system. It doesn't inherit anything from the process that
makes the file system access that makes the filesystem start the
translator.

So installing a translator on a node is much like making a binary
setuid. Except that the environment in which the process will run is
much more tightly controlled, so in that respect it's more like a
server listening on an AF_UNIX socket, and started on demand when
anybody tries to connect.

/Niels




reply via email to

[Prev in Thread] Current Thread [Next in Thread]