Hi! > > The question of protections on the object named /etc/passwd came > > up time and time again. The notion that /etc/passwd could be a > > symlink to /home/smalley/heeheehee really gave evaluators the > > whillies. As did the chroot environment, where /roots/crispin/etc/passwd > > could magicly become /etc/passwd. > Why do people continue speaking symlinks and chroots? > To avoid the effect of symlinks and chroots, AppArmor and TOMOYO Linux > derive pathnames from dentry and vfsmount. > If /etc/passwd was a symlink, the derived pathname will be /home/smalley/heeheehee. > If accessed from inside a chroot, the derived pathname will be /roots/crispin/etc/passwd. > > It is true that namespace may differ between processes, > but I think that that is the matter of how to restrict namespace manipulation operations. > As I said, a system can't survive if namespace is madly manipulated. > To keep the system workable, /bin/ must be the directory for binary programs, > /etc/ must be the directory for configuration files, and so on in all namespaces. Ehm? Where did you get those ideas? I'm free to name my directories any way I want, and keep config files in /pavlix_config, thank you... There is even distro that does something like that, IIRC... Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
