From: Enrico Scholz (enrico.scholz_at_sigma-chemnitz.de)
Date: Wed 22 Oct 2003 - 18:03:53 BST
jack_at_solucorp.qc.ca (Jacques Gelinas) writes:
>> 1) set\control
>> 2) get info
>> 3) get command version.
> /proc should be used to do most of that.
No, it is a pain for userspace tools to generate the control-commands
and yet more pain to parse the results: there are lots of syscalls
(open,read,close) involved (which can fail), buffer-sizes can not be
determined in ahead, int->string and string->int conversions are
needed, and the buffer itself must be parsed to get the position of
This /proc-parsing method requires a proc-filesystem also, which
may be missing in chroots. Within vserver-chroots, /proc-parsing
can make attacks possible when a /proc directory with malicious
entries will be generated.
Syscalls are *much* more agreeably for userspace-tools.
> In the kernel, we only spit the various commands available and
> their version and userland tools can parse that. We keep the
> bload out of the kernel.
Implementing the parsing of 'set' commands would be much more
Vserver mailing list