Rumor has it that Gerard Beekmans may have mentioned these words:
> Bruce Dubbs wrote:
>> That sounds like a pretty big security hole!
>
> No bigger hole than how ALFS currently works. It just runs whatever
> profile you send. You can "rm -r /" and nothing stops that from happening.

This prolly need not be said, but just in case:

I should say whatever programming language, server protocol etc. we decide
on,[1] that the server should be perfectly happy running in a chroot jail.
That way, no matter what, people will be able to set up a "subsystem" that
if / does get blown out, it doesn't take out their entire machine, just the
chroot jail.

I'm always good for stating the obvious.

Laterz,
Roger "Merch" Merchberger

[1] BTW, I'm not against C. I'm just going to be of *very* limited help to
the project if it's chosen... I'll just be the Village Idiot around here.
;-) Don't worry, I'm accustomed to it. :-)
--
Roger "Merch" Merchberger | Anarchy doesn't scale well. -- Me
SysAdmin, Iceberg Computers
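
The chroot-jail setup suggested in the message above, sketched in C as an added example (not code from ALFS or from anyone on the list). `enter_jail`, its return codes and the `jailrun` usage line are hypothetical names; it assumes a Linux/glibc host, a start as root, and a jail directory already populated with whatever the profile needs.

```c
#define _DEFAULT_SOURCE 1   /* exposes chroot() and setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

enum { JAIL_OK = 0, JAIL_BAD_ARGS = -1, JAIL_NO_DIR = -2,
       JAIL_CHROOT_FAILED = -3, JAIL_DROP_FAILED = -4 };

/* Confine the calling process to `dir` and give up root for good.
 * Hypothetical helper written for this example; not part of ALFS. */
int enter_jail(const char *dir, uid_t uid, gid_t gid)
{
    struct stat here, root;

    /* The jail must be an absolute path and the target must not be root. */
    if (!dir || dir[0] != '/' || uid == 0 || gid == 0)
        return JAIL_BAD_ARGS;
    /* chdir before chroot, so no working directory is left outside the jail. */
    if (chdir(dir) != 0)
        return JAIL_NO_DIR;
    /* Refuse a "jail" that is really the current root ("/", "//", "/."). */
    if (stat(".", &here) != 0 || stat("/", &root) != 0 ||
        (here.st_dev == root.st_dev && here.st_ino == root.st_ino))
        return JAIL_BAD_ARGS;
    if (chroot(".") != 0 || chdir("/") != 0)
        return JAIL_CHROOT_FAILED;      /* chroot needs CAP_SYS_CHROOT */
    /* Drop supplementary groups, then gid, then uid; the order matters. */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return JAIL_DROP_FAILED;
    /* A process that can regain root is not confined by a chroot. */
    return setuid(0) == 0 ? JAIL_DROP_FAILED : JAIL_OK;
}

/* usage: jailrun <jail-dir> <uid> <gid> <command> [args...] */
int main(int argc, char **argv)
{
    if (argc < 5) {
        fprintf(stderr, "usage: %s <jail-dir> <uid> <gid> <command> [args...]\n", argv[0]);
        return 2;
    }
    int rc = enter_jail(argv[1], (uid_t)atoi(argv[2]), (gid_t)atoi(argv[3]));
    if (rc != JAIL_OK) {
        fprintf(stderr, "enter_jail failed: %d\n", rc);
        return 1;
    }
    execv(argv[4], &argv[4]);           /* path is resolved inside the jail */
    perror("execv");
    return 1;
}
```

The privilege drop is what makes the jail hold: a profile that runs `rm -r /` as an unprivileged user inside the jail only reaches files under the jail directory.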