ng outside the chroot, the
> process needs a port to the outside filesystem...
You are right. I previously tried to hack Glibc chroot routine to preserve
the original root port before changing root, so I can escape, but right, it
is certainly what chroot considers and wants to prevent.
Regards,
Wei Shen
ng each overriding server in the overriding list defined by
> SERVERS_SOCKET_INET, until the first existing overriding server is found (or
> none is found).
>
> The modified hurd/hurdsock.c is attached to this mail. I have tested it
> with Glibc-2.5.
>
>
Regards,
Wei Shen
hurdsock.c
Description: Binary data
may be bind about
this. Consider that, a suid program relys on the infromation (like network
configuration in the case of socket servers) returned by a default server to
make some security decisions ...
Regards,
Wei Shen
___
Bug-hurd mailing list
Bug-hurd@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-hurd
#x27;/';
+ np -= sizeof (_SERVERS_SOCKET) - 1;
+ memcpy (np, _SERVERS_SOCKET, sizeof (_SERVERS_SOCKET) - 1);
+ server = __file_name_lookup (np, 0, 0);
+ }
if (domain <= max_domain)
servers[domain] = server;
}
On 7/23/07, Wei Shen <[EMAIL PROTECTED]> wrote:
Hi all,
I made a
ed it with
Glibc-2.5.
Regards,
Wei Shen
/* _hurd_socket_server - Find the server for a socket domain.
Copyright (C) 1991,92,93,94,95,97,99 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
modify
Hi,
> I proposed two solutions in last mail. In solution a), the translator is
> > started chrooted. So the file node, parent, and target are
> respectively:
> > /foo, /, and / in its eyes; and /chroot/foo, /chroot, and /chroot in
> > reality.
>
> > I am not sure if this translator can still ser
On 6/21/07, Neal H. Walfield <[EMAIL PROTECTED]> wrote:
> Ok, I got it. I will consider to support the file descriptor
reprentation,
> but will not implement complex semantics as redirection first.
Redirection is a shell feature. If you support the file descriptor
representation, then you can
On 6/21/07, Neal H. Walfield <[EMAIL PROTECTED]> wrote:
At Thu, 21 Jun 2007 15:37:49 +0800,
> Could you please give some explanation on "PFINETSERVER=fd:3 myprog
> 3
Ok, I got it. I will consider to support the file descriptor reprentation,
but will not implement complex semantics as redirecti
ibute to the translator when it is
started, and the translator should add the chroot path in front of any path
argument ("/" in this scenario) given to it. So the command to start
firmlink equals "/hurd/firmlink /chroot/"
Approach b) requires the awareness and cooperatio
On 6/21/07, Neal H. Walfield <[EMAIL PROTECTED]> wrote:
At Thu, 21 Jun 2007 00:09:45 +0800,
Wei Shen wrote:
> I still think there are ways to solve this problem. For example, the fs
> server can add an virtual root argument to the passive translator, and
the
> translator (which
On 6/20/07, Neal H. Walfield <[EMAIL PROTECTED]> wrote:
At Wed, 20 Jun 2007 15:16:38 +0800,
Wei Shen wrote:
> I read the section. I am not quite clear about the storage of a file's
> translator attributes (I presume that a translator can not be associated
> with a file node
about the Hurd philosophy.
As for the chroot approach, I think we may not expect a new name space but a
more flexible way to overriding individule servers in many cases.
Wei Shen
___
Bug-hurd mailing list
Bug-hurd@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-hurd
On 6/20/07, Neal H. Walfield <[EMAIL PROTECTED]> wrote:
A nice feature would be the option to use a file descriptor rather
than a symbolic name. This could take the form fd:X where X is some
number. This allows for selected access delegation (consider:
SERVERS_SOCKET_PFINET=fd:3 prog 3
I re
Hi,
On 6/20/07, Neal H. Walfield <[EMAIL PROTECTED]> wrote:
> (1) Add a set of new environment variables, e.g. PFINETSERVER for
the pf_inet server and PFLOCALSERVER for the pf_local server.
We should have consistent naming between node names and environment
variables. The default node names
nse, I would like to have a try
on the work once more.
Thanks,
Wei Shen
___
Bug-hurd mailing list
Bug-hurd@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-hurd
g.
Thanks,
Wei Shen
___
Bug-hurd mailing list
Bug-hurd@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-hurd
comments on my ideas :-)
(The URL to the application can be found from my comment submitted in the
Google SoC application page)
Special thanks for [EMAIL PROTECTED], who helps a lot promote my
thoughts.
Regards,
Wei Shen
___
Bug-hurd mailing list
Bug
ent variables. Using them is not
user-friendly, and not good for control.
Thanks again for your advice. Discussion with you give me much help.
Regards,
Wei Shen
___
Bug-hurd mailing list
Bug-hurd@gnu.org
http://lists.gnu.org/mailman/listinfo/bug-hurd
Hi,
Thanks for your advice.
On 3/25/07, [EMAIL PROTECTED]
On Sat, Mar 24, 2007 at 06:00:24PM +0800, Wei Shen wrote:
> 2) Let the root fs server judge which server port to return on a
> specific name qurry.
> 3) Modify hurd_file_name_lookup function in the C lib. If necessary,
>
control the use of server overriding is needed. This task
actually is about designing a framework for service multi-instance.
Regards,
Wei Shen
On 3/23/07, Thomas Schwinge <[EMAIL PROTECTED]> wrote:
Hello Wei Shen!
Thanks for your interest!
> I choose a task from your task list
control the use of server overriding is needed. This task
actually is about designing a framework for service multi-instance.
Regards,
Wei Shen
On 3/23/07, Thomas Schwinge <[EMAIL PROTECTED]> wrote:
Hello Wei Shen!
Thanks for your interest!
> I choose a task from your task list
21 matches
Mail list logo
