Re: setuid/setgid binaries contained in the Debian repository.
On Mon, Aug 11, 2003 at 12:34:00PM +0200, Josef Spillner wrote:
> A separate execution context, isn't it. I already thought about using an
> emulator or UML (hi mdz), but it seems to be too hack-ish. Let's see...
It sounds like what would be better would be a sandboxable virtual machine
with its own instruction set, preferably one which could be linked into your
program. guile can't be easily restricted as far as I know. java can, but
I don't know of any implementations which can be easily used in this way.
--
- mdz
Reply to: