client <-> server interaction in C
zmerch at 30below.com
Tue Nov 22 11:47:30 PST 2005
Rumor has it that Gerard Beekmans may have mentioned these words:
>Bruce Dubbs wrote:
>>That sounds like a pretty big security hole!
>No bigger hole than how ALFS currently works. It just runs whatever
>profile you send. You can "rm -r /" and nothing stops that from happening.
This prolly need not be said, but just in case:
I should say whatever programming language, server protocol etc. we decide
on, that the server should be perfectly happy running in a chroot jail.
That way, no matter what, people will be able to set up a "subsystem" that
if / does get blown out, it doesn't take out their entire machine, just the
I'm always good for stating the obvious.
Roger "Merch" Merchberger
 BTW, I'm not against C. I'm just going to be of *very* limited help to
the project if it's chosen... I'll just be the Village Idiot around here.
;-) Don't worry, I'm accustomed to it. :-)
Roger "Merch" Merchberger | Anarchy doesn't scale well. -- Me
zmerch at 30below.com. |
SysAdmin, Iceberg Computers
More information about the alfs-discuss