2006-08-11 13:56:28

by Nicolas George

[permalink] [raw]
Subject: Automatic namespace switch

Hi.

I was wondering about one particular feature extending namespaces
functionalities: automatic namespace switching. The principle would be: a
process references several namespaces. One of these namespaces is the actual
namespace the process is living in. During the process lifespan, various
events can cause it to automatically switch to another of its namespaces.

The type of event I am especially interested in is the execve()ing of a
32bit file in the case of the x86_64 architecture: the init process creates
two namespaces, one mounting a 64bit /usr and a 32bit /usr/32 (or maybe
another name), the other mounting the 32bit in /usr and the 64bit in
/usr/64, both sharing /home, /tmp and part of /var. When a program available
only in 32bit is needed, it is exec()ed in /usr/32/bin/ (which is probably
in the PATH), and that fact causes the process to switch to the 32bit
namespace, where the program will find all its libraries and data at the
expected place.

Such a feature would require careful examination about the security
implication. But I believe it may help to make the transition to pure 64bit
systems (which, I fear, will be long) smoother.

Does anyone have remarks about such an idea, be it to explain why it is
stupid?

Regards,

--
Nicolas George


Attachments:
(No filename) (1.25 kB)
signature.asc (185.00 B)
Digital signature
Download all attachments