-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


>>>>> "Steven" == Steven M Bellovin <smb@cs.columbia.edu> writes:
    >> christos suggested we can make the code in login(1) a bit
    >> smarter: it would readlink("/tmp") and if it's a symlink, it
    >> would take the componenet of the link target up to "@uid" (say,
    >> "/private/tmp", in the case of "/private/tmp/@uid") and create
    >> the private temp dir there.
    >> 

    Steven> Maybe we can think a bit more ambitiously about this, and
    Steven> have per-process mounted file systems, similar to Plan 9's.

  "better is the enemy of good enough"

- -- 
]            Bear: "Me, I'm just the shape of a bear."          |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr@xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Finger me for keys

iQEVAwUBRcYKp4CLcPvd0N1lAQLYNQgAgvm9BYdFgDe/xzEV8fzead9lPlZvo03n
fhbyFEVImXUmK2fSg10HdKYETmtKM4cO6a97YT0jEE/+gnOgI9widBRE8bwTqWgB
xvJTsNb2uxhkPqq0nsfxVnK1hl3jf/ZuqhuSrPf7OG/6wxIirw2HJXctzXbYzmjT
gACGirqqxBhiJzSVZBVqsPWswIzJSTCkqyZvGsrkRkFuHq3CTXj3sVY8/F7qvuVG
TVX4Mo8n01aAp1zz1es34n56xQQM+S3cierhZkHa7P/TETFlJ3CM8F+cGtvyWmx7
02Y9JTnjjGnYJ+o27udn1cKrdZbZmNjtwgRokjF4QDIgJk5aSCX6Vw==
=d2sy
-----END PGP SIGNATURE-----