On Sun, 7 Nov 1999, Sean Eric Fagan wrote:
> I don't, but what I like doesn't matter, it seems -- Warner knows everything.
> So I'm sure he knows better than I do the overhead this will impose, and the
> impracticality in a general system.
>
> Unix really isn't set up to carry around 'official pathnames,' due to the
> existence of symlinks and other fun stuff. Other systems are set up for this
> -- my favourite was EMBOS, by ELXSI -- and there are some _really_ nifty
> things you can do, if you have it. (Watchdogs and program-based-access-lists
> are my two favourite, the latter allowing you to get rid of SUID/SGID in many
> cases. There is a paper available on implementing watchdogs under unix
> [4.2bsd, I believe] that discusses some of this. If you're willing to cover
> 60-80% of the cases, instead of 95-100%, it's considerably easier.)
>
The _REALLY_ obvious solution to this is to find the real path on exec()
and store the pointer in proc. How is this full of "overhead" and
"impractical"?
--
Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! /
[EMAIL PROTECTED] `------------------------------'
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
