client <-> server interaction in C

Roger Merchberger zmerch at
Tue Nov 22 11:47:30 PST 2005

Rumor has it that Gerard Beekmans may have mentioned these words:
>Bruce Dubbs wrote:
>>That sounds like a pretty big security hole!
>No bigger hole than how ALFS currently works. It just runs whatever 
>profile you send. You can "rm -r /" and nothing stops that from happening.

This prolly need not be said, but just in case:

I should say whatever programming language, server protocol etc. we decide 
on,[1] that the server should be perfectly happy running in a chroot jail. 
That way, no matter what, people will be able to set up a "subsystem" that 
if / does get blown out, it doesn't take out their entire machine, just the 
chroot jail.

I'm always good for stating the obvious.

Roger "Merch" Merchberger

[1] BTW, I'm not against C. I'm just going to be of *very* limited help to 
the project if it's chosen... I'll just be the Village Idiot around here. 
;-) Don't worry, I'm accustomed to it. :-)
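
An added example, not part of the original message or of ALFS code: a minimal C sketch of a server confining itself to a chroot jail before it runs any received profile. The jail path `/srv/alfs-jail`, the uid/gid 65534 and all function names are assumptions; the privilege drop is included because a process that stays root can leave a chroot.

```c
/* Added example: enter a chroot jail, then drop root for good. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE             /* for chroot() and setgroups() on glibc */
#endif
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

enum jail_err { JAIL_OK = 0, JAIL_EBADPATH, JAIL_EROOTID, JAIL_ECHROOT,
                JAIL_EDROP, JAIL_ENOTDROPPED };

/* Checks that need no privilege; run before any process state changes. */
enum jail_err jail_check_args(const char *dir, uid_t uid, gid_t gid)
{
    if (dir == NULL || dir[0] != '/' || strcmp(dir, "/") == 0)
        return JAIL_EBADPATH;       /* must be absolute and not "/" itself */
    if (uid == 0 || gid == 0)
        return JAIL_EROOTID;        /* staying root defeats the jail */
    return JAIL_OK;
}

/* Call as root at startup, before reading anything from a client. */
enum jail_err enter_jail(const char *dir, uid_t uid, gid_t gid)
{
    enum jail_err e = jail_check_args(dir, uid, gid);
    if (e != JAIL_OK)
        return e;
    /* chdir first so no working directory is left outside the new root. */
    if (chdir(dir) != 0 || chroot(".") != 0 || chdir("/") != 0)
        return JAIL_ECHROOT;
    /* Order matters: supplementary groups, then gid, then uid. */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return JAIL_EDROP;
    /* Confirm the drop is permanent: regaining root must fail. */
    if (setuid(0) == 0 || getuid() != uid || geteuid() != uid)
        return JAIL_ENOTDROPPED;
    return JAIL_OK;
}

int main(void)
{
    /* Hypothetical jail directory and unprivileged ids (assumptions). */
    enum jail_err e = enter_jail("/srv/alfs-jail", 65534, 65534);
    if (e != JAIL_OK)
        fprintf(stderr, "jail setup failed (%d), not starting\n", e);
    return e != JAIL_OK;  /* on success the server loop would start here */
}
```

The jail directory has to contain whatever the profiles need to run (shell, libraries, toolchain), since nothing outside it is reachable after `chroot()`.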

