client <-> server interaction in C
gerard at linuxfromscratch.org
Tue Nov 22 11:29:35 PST 2005
Bruce Dubbs wrote:
> That sounds like a pretty big security hole!
No bigger hole than how ALFS currently works. It just runs whatever
profile you send. You can "rm -r /" and nothing stops that from happening.
This method of the client sending a finished script ready for execution
doesn't have to be a security hole. A client authenticates with the
server. If you are trusted, you can make the server do whatever you want
it to. If you mess up, well it's no different than you typing "rm -r /"
by accident as root. Either way you have to be careful what you are doing.
/* If Linux doesn't have the solution, you have the wrong problem */
More information about the alfs-discuss