On 2019-05-15, Christian Brauner christian@brauner.io wrote:
On Wed, May 15, 2019 at 04:00:20PM +0200, Yann Droneaud wrote:
Would it be possible to create a file descriptor with "restricted" operations?
- O_RDONLY: waiting for process completion allowed (for example)
- O_WRONLY: sending process signal allowed
Yes, something like this is likely going to be possible in the future. We had discussions around this. But mapping this to O_RDONLY and O_WRONLY is not the right model. It makes more sense to have specialized flags that restrict actions.
Not to mention that the O_* flags have silly values which we shouldn't replicate in new syscalls IMHO.