> On Oct 3, 2015, at 14:41, Brandon Allbery <allber...@gmail.com> wrote: > > On Sat, Oct 3, 2015 at 2:39 PM, Clemens Lang <c...@macports.org > <mailto:c...@macports.org>> wrote: > > Same thing, but as seen in the 2nd case, no com.apple.rootless attribute, no > > restricted (or hidden) flags. :-) > > Mounts are a nice idea, but not possible without root privileges, and that > leaves > out everybody that uses a user-only installation of MacPorts. So this could > only > be done as an optimization, and I'm not sure it's worth it then. Cache > invalidation would definitely be easier with it, though… > > ...but at some point the NFS server must access the file, in the original > filesystem where all of those exist and will be enforced. >
But it's so easy to test that theory: :-) sh-3.2# dtruss /bin/sh dtrace: failed to execute /bin/sh: dtrace cannot control executables signed with restricted entitlements sh-3.2# dtruss /net/localhost/bin/sh sh-3.2# SYSCALL(args) = return thread_selfid(0x0, 0x0, 0x0) = 867702 0 csops(0x0, 0x0, 0x7FFF563BF720) = 0 0 issetugid(0x0, 0x0, 0x7FFF563BF720) = 0 0
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ macports-users mailing list macports-users@lists.macosforge.org https://lists.macosforge.org/mailman/listinfo/macports-users
