> I think Jay's concern with IA32/AMD-64 is that if someone does inject > precompiled binaries, he doesn't want them to actually be able to run. > There are folk who will argue that getting the right precompiled > binaries is trivial.
So run everything network facing in Hercules, and hercules chrooted to a nobody user in a chroot dir containing only the hercules environment and support files. Pass the handle of the tunnel device in as a file descriptor with a hack and off you go. Been there done that 8) Alan ---------------------------------------------------------------------- For LINUX-390 subscribe / signoff / archive access instructions, send email to [EMAIL PROTECTED] with the message: INFO LINUX-390 or visit http://www.marist.edu/htbin/wlvindex?LINUX-390