GNOME.org
 

Re: Requesting help on using g_threads with clone()

On 05/10/2011 05:54 PM, Paul Davis wrote:

On Tue, May 10, 2011 at 7:53 PM, Venkateswararao Jujjuri
<jvrao linux vnet ibm com>  wrote:

Resending after subscribing to the list:


First time writing to this list. Appreciate any help/pointers.

We are considering glib threads for developing a secure user space
file-server.
In this effort, we would like to use clone(2) system call which performs
a chroot(/exported/path)
followed by g_thread_pool_new(). The threads created will inherit the
chroot'ed name
space and hence we are are creating a secure zone of exported region for
the fileserver to operate.

its not clear to me that you understand what clone does or its
relationship to threads.

Thanks for asking.

why do you think you should use clone(2),
This file server will be exporting multiple paths. Say, /mnt/exp1 , /mnt/exp2. We need to create 'jail's for each of these exported paths so that the client requests will get executed by a set of threads only in that chroot'ed region.
fFileserver calls clone, chroot(), new thread pool for each exported region. 
All the work for that exported path will be carried out by threads created
by that particular cloned/chrooted process.

We can't chroot the main process as this server will be
serving multiple exports and it is part of QEMU. Hence clone.

Hope I addressed your questions.


and why do you plan to
create a thread pool after calling it?
Because these threads will have a different name space whose root is say, /mnt/exp1. If any operation tries to access out side this exported region.. it will fail. Basically highly secure. 
in addition, terminology like "demonize" doesn't really apply to threads.
Yeah. Sorry for the choice of that word... used it for the lack of a better word. So basically I want to know if there is any way the pool stays active even after 
the process created it exits.

Thanks,
JV
[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]