Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!uunet!mcsun!tuvie!mike
From: mike@vlsivie.tuwien.ac.at (Michael K. Gschwind)
Newsgroups: comp.unix.wizards
Subject: Re: Wizard-level questions
Message-ID: <2285@tuvie.UUCP>
Date: 29 Jan 91 11:49:00 GMT
References: <16048@sdcc6.ucsd.edu> <1991Jan26.142403.22812@mp.cs.niu.edu>
Sender: news@tuvie.UUCP
Organization: Vienna University of Technology
Lines: 30

In article <1991Jan26.142403.22812@mp.cs.niu.edu> rickert@mp.cs.niu.edu (Neil Rickert) writes:
>In article <16048@sdcc6.ucsd.edu> cs163wcr@sdcc10.ucsd.edu (I support the U.N.) writes:
>>[1] Can you access a file by its i-node number?  Something like
>>	(for C code) FILE *iopen (int inode, char *mode) ?
>
> I hope not.  Otherwise permissions on directories wouldn't do much.  I
>do think the system design would have been cleaner if you only accessed
>by i-node number, and mapping filename to inode was done outside the kernel.

This is what is done on Apollo's DomainOS UNIX-clone. It is however a
security nightmare. Things like chroot don't work, so you can't support
anonymous ftp et al. Neat idea, but isn't fully UNIX compatible.

>But I doubt that I have many supporters in this "keep the kernel small" view.

I guess there are _lots_ of supporters of this view. The only problem is
that you must strive to keep the security stuff (e.g., filename
translation) INSIDE the kernel, or else you must find a way to write 
trusted servers, libraries etc.

			bye,
				mike


Michael K. Gschwind, Institute for VLSI-Design, Vienna University of Technology
mike@vlsivie.tuwien.ac.at	1-2-3-4 kick the lawsuits out the door 
mike@vlsivie.uucp		5-6-7-8 innovate don't litigate         
e182202@awituw01.bitnet		9-A-B-C interfaces should be free
Voice: (++43).1.58801 8144	D-E-F-O look and feel has got to go!
Fax:   (++43).1.569697