-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Lucas Nussbaum wrote: [...] > Then what about using ptrace and overriding syscalls in the way > usermodelinux used to do it?
Yes, indeed; that is currently looking like the best approach. Not only does it provide the low-level interface that upstream wants, but it also works on statically bound binaries and on anything else that makes syscalls directly. I'm a little worried about performance, but it can't be that bad or UML wouldn't use it. I'll suggest it to upstream. Thanks for the link. (Incidentally, the more I look at fakechroot the more I'm coming to believe that it's no use for anything whatsoever. The security aspects of it are... erm... nil; it's trivial for the client app to break out of its jail. Is this a potential problem?) - -- ┌── dg@cowlark.com ─── http://www.cowlark.com ─────────────────── │ │ "There does not now, nor will there ever, exist a programming language in │ which it is the least bit hard to write bad programs." --- Flon's Axiom -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGzr+7f9E0noFvlzgRAnMFAKCp0NxkOWgEW4XMNFeHg0CaViWlqwCg0S45 unlRqCTamPtiz0Q8tjZ2spU= =X2Ph -----END PGP SIGNATURE-----