On Mon, Jul 13, 2009 at 7:16 PM, ron minnich<rminn...@gmail.com> wrote: > On Mon, Jul 13, 2009 at 3:18 PM, J.R. Mauro<jrm8...@gmail.com> wrote: > >> We hope to. One of the reasons it would actually be unwise to let >> anyone mount anything now is that no one uses per-process namespaces. >> That's probably fine on your desktop, but not on a server where 20 >> people try to mount something under /mnt/foo or whatnot. > > Could we solve this by making private mounts the default (or only > allowed) behavior?
It would be nice to fix up mounts so that you didn't need to be root and all that crap, and then make it the default, but I doubt Linus would let it fly. I get the feeling that private namespaces are viewed like chroots: a security feature no one but pros needs. Unfortunately not many linux devs seem to care about plan 9, and that has a negative impact on how much stuff can happen. Hopefully we'll gradually wear them down, or keep a minifork/patchset. > > That's how I did it long ago: it took real effort to make a mount non-private. > > ron > >
