ref: 3ea628211585265e010bd3ec888b85a23831cf58
parent: d984bc03cb18599766d752b4622f5d527e900933
author: kvik <kvik@a-b.xyz>
date: Mon Oct 5 08:10:28 EDT 2020
pin: don't fork the namespace by default Forking the namespace for a newly created pinned process makes sense if perfect isolation from a parent is wanted or needed. However, doing this by default prevents implementing a very useful namespace lifting technique, where a process such as a shell is pinned but doesn't fork the namespace, thus enabling anyone who can attach to this shell a control over a foreign namespace -- something that generally isn't possible to do in Plan 9. This technique and examples are explained in the following article: http://docs.a-b.xyz/namespace-lifting.html Not forking the namespace also follows the behaviour of the usual tools such as the shell, which never fork if not explicitly told to do so. This way, at least namespace-wise, running normal rc versus pinned rc is equivalent. Users can easily `rfork n` when the namespace forking *is* needed, which also makes things more transparent.
--- a/rc/pin
+++ b/rc/pin
@@ -1,5 +1,5 @@
#!/bin/rc
-rfork en
+rfork e
flagfmt = 'n:noattach, w:write, m:mtpt mtpt'
args = 'name [command]'