Any process X can get a new copy of the namespace of a target
process Y by writing the string "clone" to the ns file of Y.
The same user must own both processes.
The process writing the ns file must be allowed to mount.
The Pgrp of the calling process is then replaced with a new copy of
the Pgrp of the target process.
After the operation, any change done by X to its own namespace does
not affect Y. Also, if mount was forbidden for Y, it will also be
forbidden for X after the clone.
There are a few issues with Plan 9's `access`:
- it has side effects: to test the actual access (that the file
servers can allow or deny according to complex custom rules)
it opens and then closes the file, allocating (and disposing) the fd
- it does not work on directories, since
- they cannot be opened for writing, despite the fact that to
create a file in a directory you must be granted write access on
that directory
- they cannot be opened for execution, despite the fact that to
access a file in a directory you must be granted execution access
on that directory
Despite the fact that `access` (even on UNIX) is a violation of the
"tell, don't ask" principle (the access could be forbidden just after
its successful return, making subsequent `open` fail anyway), this
fact smells of a little design error in the file interface.
So, right now we choose to let the libposix's `access` lie on directories:
it will always return 0 on AWRITE and AEXEC for them, accepting that
a successive create/mkdir may fail.
However, a cleaner file API and protocol should allow a simpler `access`
to be implemented for directories too.