>> * whether the name in question is within the process' current >> root (forbidding fchdir and fchroot otherwise). > Definitely.
I'm actually not convinced this is so obviously a good thing. I see an analogy between root directories and UIDs. We have chroot(), and we have setuid() - but we also have setreuid(). I can see potential use for chroot-hopping between multiple directories. I'm not sure NetBSD should support that. But I'm not sure it should forbid it, either. I'm not sure how I'd design an interface for it, but it might be worth thinking about when implementing whatever NetBSD eventually decides on. /~\ The ASCII Mouse \ / Ribbon Campaign X Against HTML mo...@rodents-montreal.org / \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B