On Sat, 2009-01-03 at 16:46 -0500, erik quanstrom wrote:
> > while replying to Nathaniel's post it dawned on
> > me that something like this:
> >     open("#c/cons", OWRITE|OCEXEC);
> > completely breaks the paradigm of namespaces.
> >
> > IOW, if I wanted to construct a namespace with
> > a specially crafted server offering /dev/cons,
> > the above would easily break out of that jail.
>
> see RFNOMNT in rfork(2).

Did you see the example I provided in the original email? "rfork m" is *exactly* RFNOMNT. And it doesn't seem to work for one simple reason: RFNOMNT doesn't restrict bind(2). So the question still stands.

Thanks,
Roman.