From: David G. <dg...@co...> - 2007-08-25 17:25:19
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thomas Leonard wrote: [...] > I've recently added the <overlay> binding element to the spec to allow > feeds to say that they need this: Hurray! [...] > However, it's not yet implemented. We need to decide which of the many > systems to use! This Klik2 wiki page has a summary of the options: [...] > Any thoughts? The obvious thing to do is to make the runtime modular enough that you ca= n drop in any sane unionfs system and have it work. In terms of actual technology, then if the host OS provides a real unionf= s, then that would be preferable; failing that, ptrace is probably the way t= o go. (ptrace is a bit slower than FUSE but easier to use and doesn't require r= oot privileges. See http://www.am-utils.org/project-goanna.html, but they hav= en't released any code yet; however, I've been in touch with the plasticfs guy= who's definitely interested in changing his code from LD_PRELOAD to ptrac= e.) LD_PRELOAD should not be used for anything, IMO --- because it operates a= t a library level rather than a syscall level it doesn't work on programs tha= t make syscalls directly --- such as any static binary. This means that fakechroot needs to be considered advisory only, and has no meaningful security aspects. (Also, the glibc people are planning on deprecating LD_= PRELOAD.) - -- =E2=94=8C=E2=94=80=E2=94=80 =EF=BD=84=EF=BD=87=EF=BC=A0=EF=BD=83=EF=BD=8F= =EF=BD=97=EF=BD=8C=EF=BD=81=EF=BD=92=EF=BD=8B=EF=BC=8E=EF=BD=83=EF=BD=8F=EF= =BD=8D =E2=94=80=E2=94=80=E2=94=80 http://www.cowlark.com =E2=94=80=E2=94= =80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80= =E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2=94=80=E2= =94=80 =E2=94=82 =E2=94=82 "There does not now, nor will there ever, exist a programming l= anguage in =E2=94=82 which it is the least bit hard to write bad programs." --- Flon= 's Axiom -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFG0GXtf9E0noFvlzgRAlcWAKCED7UmWUgoa65HErjX9xceoVWoGACgslTi xv+9B6n75bo8KIlvTO/Jf1Y=3D =3D6zHD -----END PGP SIGNATURE----- |