>This is somewhat difficult or impossible to do in a conformant way.
>Each open file has a device and inode number which cannot change for
>its lifetime, which are important identifiers that may be used in
>security-critical ways.

In this (DNIX) system the file was not 'open' at the user level, and as a resident of swap space it didn't really have a device or an inode. (As data/bss segments did not. Just memory pages backed to a blocking store.)

Even if it were required to have dev/inode, perhaps to support /proc/X/exe, why could it not get a new assignment on the swap device? (Essentially automating what we all have to do by hand now.)

Perhaps there is some esoteric security protocol that would be confused by this, but one could argue that that protocol was overly system-sensitive. What ongoing security check would be required for an already-executing process?

-- Jim
