* Ruud de Rooij said: > > You need to get a root shell WITHOUT a reboot. So you need roots > > shell to be static, and you need a static su, and a static sulogin. > > And how are you going to become root on a system if noone is logged in? You > need a static getty, a static login, or, if you want to do it remotely, a > static inetd, a static telnetd, or a static sshd. And so on. Like I said in > my previous message. Not all of them have to be static. getty is still in memory, login should be static, (x)inetd is in memory, sshd as well. As someone before pointed it out ssh has a capability of invoking an arbitrary utility on the remote machine (and it doesn't use login in v2). > Besides, if it is your webserver you are worrying about, you do realize it > can't run CGI scripts anymore, if libc is hosed. I doubt sendmail or any other > mail server will continue to work if libc is hosed either. Well, everything in that matter can be configured so that it will work without dynamic linking. CGI scripts, for one, can be replaced by scripts written in PHP (with an server-embedded interpreter), or you can use embedded perl for Apache. Also a httpd such as roxen is a good choice - it has many things configured internally and doesn't fork processes for new connections. But all this is another story and doesn't belong here :)) marek
Attachment:
pgpAFg0IhLqLY.pgp
Description: PGP signature