From owner-freebsd-arch  Sat Jul 15 22:36: 2 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49])
	by hub.freebsd.org (Postfix) with ESMTP
	id CBF7B37BA49; Sat, 15 Jul 2000 22:35:57 -0700 (PDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (harmony.village.org [10.0.0.6])
	by rover.village.org (8.9.3/8.9.3) with ESMTP id XAA74170;
	Sat, 15 Jul 2000 23:35:56 -0600 (MDT)
	(envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id XAA50733; Sat, 15 Jul 2000 23:35:37 -0600 (MDT)
Message-Id: <200007160535.XAA50733@harmony.village.org>
To: Brian Fundakowski Feldman <green@FreeBSD.ORG>
Subject: Re: SysctlFS 
Cc: freebsd-arch@FreeBSD.ORG
In-reply-to: Your message of "Sat, 15 Jul 2000 21:14:17 EDT."
		<Pine.BSF.4.21.0007152020060.877-100000@green.dyndns.org> 
References: <Pine.BSF.4.21.0007152020060.877-100000@green.dyndns.org>  
Date: Sat, 15 Jul 2000 23:35:36 -0600
From: Warner Losh <imp@village.org>
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

In message <Pine.BSF.4.21.0007152020060.877-100000@green.dyndns.org> Brian Fundakowski Feldman writes:
: On Sat, 15 Jul 2000, Warner Losh wrote:
: 
: > In message <Pine.BSF.4.21.0007151907310.877-100000@green.dyndns.org> Brian Fundakowski Feldman writes:
: > : On Sat, 15 Jul 2000, Robert Watson wrote:
: > : 
: > : > On Sat, 15 Jul 2000, Brian Fundakowski Feldman wrote:
: > : > 
: > : > > We could create a way for jailed processes to "break out" into the
: > : > > canonical name space. This is a description of possible semantics for
: > : > 
: > : > What canonical namespace would that be?
: > : 
: > : Unless you can think of anything else that could possibly be the
: > : canonical namespace, struct vnode *rootvnode.
: > 
: > Put another way...
: > 
: > If we have a jail that lives in /foo/bar, and we have ways to
: > symboliclly link outside /foo/bar, that's a big problem.
: 
: Why? It's got exactly the same considerations as the "true" root being
: able to mount(2) things into a jail or mknod(2).

You shouldn't be able to mount thinks in jail or mknod.  While in
jail, you cannot do a mknod right now.  While in jail, you can't do a
mount.

Creating holes in this scheme makes me extremely nervous.

: > Also, you really don't want too many devices in a jail's /dev tree.
: > You really wouldn't want devfs for jail unless you could limit it
: > severely.  And that's going to be hard to write, I think.
: 
: But you could create multiple mounts (instances) of devfs which each
: contain a specific subset of the devfs proper and do the "symlink
: breakout" accordingly :)  An aspect of jail classes, if you will.

Why bother with a symlink?  Why not have a reference to the real
dev_t?

Warner


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message