On Mon, 2009-01-05 at 11:00 +0000, roger peppe wrote: > i've sometimes thought that the trick used by #d etc could > be made more transparent by providing a genuine capability > service for fds, in the form of a system call, for instance > > getfdcap(int fd, char *buf, int len) > > then instead of just writing the fd itself, you'd write > the capability - thus the write can bridge several > namespaces, as long as it ends up in the same kernel, > which can then utilise the capability. > > the fact that this also provides the possibility of implementing > sendfd might or might not be an advantage.
In light of the recent discussion, I now see how providing this basic capability could be a very useful building block for the rest of the system. Not in a sense, that it'll be plugging a particular gaping hole, but rather that thrown into the mix, it might help foster better ideas/implementations. Thanks, Roman.
