It would be useful to make a precise proposal to eliminate
chroot as a mechanism and use sub-hurds to do the same job.
Then people could look for flaws in it and we could see if
it really works.
I'm not sure what such a proposal would look like, or how one
would find flaws in it.
How would you build a sub-Hurd for real practical use,
More or less like a normal chroot, for a chroot one tends to do the
following:
mkdir foo
copy basic system to foo
chroot foo
for a sub-hurd, the process is similar:
create a file, and mount it on foo
copy basic system to foo
sub-hurd foo
and what sort of holes would be needed to make it work in a case
where you might have used chroot?
One would have to allow access to /servers/socket/2 from the
underlying system to be able to get networking, and probobly other
files as well depending on what one wishes to use the sub-hurd for;
like block devices, normal files, etc.
We would need to modify sub-hurds so that when we start our sub-hurd
we can say that /servers/socket/2 in the sub-hurd should forward all
messages to /servers/socket/2 in the underlying system.
