Marcus Brinkmann <[EMAIL PROTECTED]> writes: > The active translator problem seems serious to me. Without any > guarantee about the implementation of a service, you can not know what > it does. This means that you must be prepared for any malicious > behaviour, including: no response (stalling the client), infinite > virtual directory tree, confusing inode numbers and link counts, > rapidly changing filesystem structure (to trigger race conditions) etc > etc. > > This is why in FUSE, users don't see the user filesystems of other > users. I am afraid that given the seriousness of the problem, this is > the only sane option. Only with a broader semantic framework can you > re-enable sharing on a case by case basis.
This was discussed on bug-hurd before. Doesn't the proposed solution of making it possible for the user to configure which translators are trusted and which are not? For example, I could configure I only want to follow translators set by root and myself. -- Marco _______________________________________________ Bug-hurd mailing list Bug-hurd@gnu.org http://lists.gnu.org/mailman/listinfo/bug-hurd
