Re: setuid/setgid binaries contained in the Debian repository.

To: debian-devel@lists.debian.org
Subject: Re: setuid/setgid binaries contained in the Debian repository.
From: Matt Zimmerman <mdz@debian.org>
Date: Mon, 11 Aug 2003 09:41:49 -0400
Message-id: <[🔎] 20030811134149.GR23819@alcor.net>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] 200308111234.00658.josef@ggzgamingzone.org>
References: <fkJl.2C7.7@gated-at.bofh.it> <[🔎] 200308110945.50230.josef@ggzgamingzone.org> <[🔎] 20030811085650.GA17898@evbergen.xs4all.nl> <[🔎] 200308111234.00658.josef@ggzgamingzone.org>

On Mon, Aug 11, 2003 at 12:34:00PM +0200, Josef Spillner wrote:

> A separate execution context, isn't it. I already thought about using an 
> emulator or UML (hi mdz), but it seems to be too hack-ish. Let's see...

It sounds like what would be better would be a sandboxable virtual machine
with its own instruction set, preferably one which could be linked into your
program.  guile can't be easily restricted as far as I know.  java can, but
I don't know of any implementations which can be easily used in this way.

-- 
 - mdz

Reply to:

Follow-Ups:
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Emile van Bergen <emile-deb@evbergen.xs4all.nl>

References:
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Josef Spillner <josef@ggzgamingzone.org>
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Emile van Bergen <emile-deb@evbergen.xs4all.nl>
- Re: setuid/setgid binaries contained in the Debian repository.
  - From: Josef Spillner <josef@ggzgamingzone.org>

Prev by Date: Re: Bug#204422: ITP: debix -- Live filesystem creation tool
Next by Date: Re: setuid/setgid binaries contained in the Debian repository.
Previous by thread: Re: setuid/setgid binaries contained in the Debian repository.
Next by thread: Re: setuid/setgid binaries contained in the Debian repository.
Index(es):
- Date
- Thread