On Fri, Jun 25, 2010 at 09:02:34AM -0400, Matthew Mondor wrote: > On Fri, 25 Jun 2010 14:51:45 +0200 > Joerg Sonnenberger <jo...@britannica.bec.de> wrote: > > > On Thu, Jun 24, 2010 at 10:55:51PM -0400, Thor Simon wrote: > > > Can anyone tell me why, exactly, we shouldn't remove bound AF_LOCAL > > > sockets from the filesystem on last close? > > > > If you want to do that, wouldn't it be easier to just go the Linux route > > and move them into a separate (virtual) namespace completely? > > Could this not pose security risks in certain scenarios? Or would such > a namespace also support permissions?
Permissions are easy. What is more difficult is how to change them externally. It could still provide a virtual filesystem for that part of the management, just that it doesn't really do anything. Joerg