On Tue, Mar 10, 2015 at 11:03:12AM +0000, Ed Schouten wrote:
> Systems like FreeBSD's Capsicum and Nuxi CloudABI apply the concept of
> capability-based security on the way processes can interact with the
> filesystem API. It is no longer to interact with the VFS through calls
> like open(), unlink(), rename(), etc. Instead, processes are only
> allowed to interact with files and directories to which they have been
> granted access. The *at() functions can be used for this purpose.

This doesn't make sense to me. All those functions can be used with both
absolute and relative path names. So why do you force use of *at(), when
arguments relative to CWD already fall into the restricted category?

Joerg
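
The descriptor-relative access model from the quoted message, as an added C example that is not part of the thread or of the patch under review: a file is named by a directory descriptor passed to openat() plus a relative path, with no ambient path and no CWD involved. `open_beneath` and `demo` are hypothetical names, the scratch tree is constructed, and the helper is a conservative userspace approximation (it refuses absolute paths, every `..` and every symlink); Capsicum and CloudABI enforce their own lookup rules in the kernel.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <limits.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
/* Hypothetical helper: open `path` strictly beneath the directory `dirfd`.
 * Returns -1 for absolute paths, "..", and symlinks; never consults the CWD. */
int open_beneath(int dirfd, const char *path, int flags)
{
    char buf[PATH_MAX], *save = NULL;
    if (!*path || *path == '/' || strlen(path) >= sizeof buf) return -1;
    strcpy(buf, path);
    char *comp = strtok_r(buf, "/", &save);
    int cur = dup(dirfd);            /* walk on a private copy */
    while (cur >= 0 && comp != NULL) {
        char *next = strtok_r(NULL, "/", &save);
        int fd = -1;                 /* ".." is refused outright */
        if (strcmp(comp, "..") != 0) /* non-final components: real dirs only */
            fd = openat(cur, comp, next ? (O_RDONLY | O_DIRECTORY | O_NOFOLLOW)
                                        : (flags | O_NOFOLLOW));
        close(cur);
        cur = fd;
        comp = next;
    }
    return cur;
}

/* Constructed demo: builds a scratch tree, returns a bitmask of checks that held. */
int demo(void)
{
    char root[] = "/tmp/beneathXXXXXX";
    if (mkdtemp(root) == NULL || chdir(root) != 0) return -1;
    mkdir("box", 0700); mkdir("box/sub", 0700);
    close(open("box/sub/ok.txt", O_CREAT | O_WRONLY, 0600));
    close(open("secret.txt", O_CREAT | O_WRONLY, 0600));   /* outside box/ */
    if (symlink("../secret.txt", "box/link") != 0) return -1;
    int box = open("box", O_RDONLY | O_DIRECTORY), r = 0, fd;
    if ((fd = open_beneath(box, "sub/ok.txt", O_RDONLY)) >= 0) { r |= 1; close(fd); }
    if (open_beneath(box, "../secret.txt", O_RDONLY) < 0) r |= 2;
    if (open_beneath(box, "link", O_RDONLY) < 0) r |= 4;
    if (open_beneath(box, root, O_RDONLY) < 0) r |= 8;     /* absolute path */
    /* an unrestricted openat() on the same descriptor still walks out via ".." */
    if ((fd = openat(box, "../secret.txt", O_RDONLY)) >= 0) { r |= 16; close(fd); }
    close(box);
    return r;
}
int main(void) { return demo() == 31 ? 0 : 1; }
```

The helper takes no `mode` argument, so `flags` should not include `O_CREAT`.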
