It occurs to me that this could be used to make fakeroot a lot less ugly internally. It wouldn't need to mess around transforming paths anymore, just union-mount something writable over / in a per-process cloned namespace, fake out permissions checks, and Bob's your uncle :) no harm can be done should the code 'overwrite' /etc/shadow or 'delete' /usr, because trusted code could inspect the writable union target post-'make install' and transfer only those parts which look acceptable onto the underlying filesystem(s).
Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds