client <-> server interaction in C

Gerard Beekmans gerard at linuxfromscratch.org
Tue Nov 22 11:29:35 PST 2005


Bruce Dubbs wrote:
> That sounds like a pretty big security hole!

No bigger hole than how ALFS currently works. It just runs whatever 
profile you send. You can "rm -r /" and nothing stops that from happening.

This method of the client sending a finished script ready for execution 
doesn't have to be a security hole. A client authenticates with the 
server. If you are trusted, you can make the server do whatever you want 
it to. If you mess up, well, it's no different than you typing "rm -r /" 
by accident as root. Either way you have to be careful what you are doing.

-- 
Gerard Beekmans

/* If Linux doesn't have the solution, you have the wrong problem */



