[EMAIL PROTECTED] (Niels M�ller) writes: > [EMAIL PROTECTED] (Thomas Bushnell, BSG) writes: > > > A cautionary note: In Unix, you can use chroot as a security feature > > because of this fact. In the Hurd, however, there are other ways to > > get back the original system root directory, so chroot is no longer > > as useful for security purposes. > > How? The ability for a process to irrevocably destroy some of its > capabilities is a nice thing to have. E.g. closing the process' > root-fs port.
You ask the proc server for the "standard init ports". I agree that it can be nice to irrevocably destroy capabilities, but it's not that simple in the Hurd, alas. _______________________________________________ Help-hurd mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/help-hurd
