On Wednesday May 23 2007 06:29:01 pm Jan Dvořák wrote: > Robert Connolly wrote: > > Do any of you know assembly well enough to convert this: > > http://www.linuxfromscratch.org/~robert/new/dd.asm > > to something gcc can compile? And remove all the options, making bs=1 the > > default, and 'dd from-file to-file' the only thing it does. > > Oh man. Do we *really* need asm? I don't think so. If you consider libc > unsecure, just forget about secure system. Make it simplest read/write C > with hardcoded paths. That's tough enough for anyone to crack.
/bin/dd works fine, but with very small and specific things like this it's nice to have the option of assembly. > Or even better, just leave sysklogd running under root and chroot it > only. What do we have GRSecurity chroot limits for then ensuring root > won't escape from jail? I have both klogd and syslogd running as normal users in empty chroots, with the combination of Owl's and Ubuntu's patches. I'm having a problem with the bootscript though, because 'dd' has to run in the background and I don't know how to kill it safely when shutting down sysklogd. Is there a shell varable for the pid returned after starting a program? robert
pgpgEdc56WNOJ.pgp
Description: PGP signature
-- http://linuxfromscratch.org/mailman/listinfo/hlfs-dev FAQ: http://www.linuxfromscratch.org/faq/ Unsubscribe: See the above information page
