> For the issues being discussed here, I don't think that's materially > different from what we started with; it has the same issue concerning > whether a user should be allowed to change his namespace and whether a > process' namespace should change automatically when another process does > something. > > Here's one more proposal, kind of a compromise among various previous > ones. > > - When you mount(), you say whether the names should be visible by > default or not. It takes system privilege to make them visible by > default, but an ordinary user can mount a willing filesystem over a > directory he's permitted to modify unconditionally, invisible by default
I like the idea of invisible mountpoints. It doesn't even sound as if it would be hard to implement, although Al will surely find a million reasons why it's problematic ;) > - A process can explicitly request to see an invisible-by-default > mounted filesystem. Anyone can do this, but permissions on the root > directory of the mount determine if he can actually see anything. How would you request to make the mountpoint visible from _any_ program. It's not acceptable to expect every program to include a menu, command, etc. to be able to modify the visibility of mountpoints. Would it not be better if you could specify the visibility policy when mounting? Something simple like the user-group-other permission modell would do nicely. That would also have the advantage of being bound to the mountpoint, not the process. Miklos - To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html