On Sun, Nov 18, 2012 at 07:27:27PM +0000, Julian Yon wrote:
> On Sat, 17 Nov 2012 21:45:02 +0000
> David Laight <da...@l8s.co.uk> wrote:
>
> > On Fri, Nov 16, 2012 at 12:52:30PM +0000, Julian Yon wrote:
> > >
> > > What does this gain over passing a filename around? (NB. I'm not
> > > claiming that's an entirely safe model either, but it's already
> > > possible).
> >
> > You don't need the executable image inside the chroot.
>
> I don't believe that's intended to be possible, and if it is, I'm not
> sure it's a gain.

I actually think it might be, if it didn't run the risk of blowing up
code that wasn't written to expect it.

If we're going to commit this syscall at all, I think it should be
accompanied by a new socket option for unix domain sockets, which
defaults to "off", but if explicitly set to "on", allows file descriptors
passed across the socket to be used for exec.

Thor