Re: setuid/setgid binaries contained in the Debian repository.


On Mon, Aug 11, 2003 at 09:41:49AM -0400, Matt Zimmerman wrote:

> On Mon, Aug 11, 2003 at 12:34:00PM +0200, Josef Spillner wrote:
> > A separate execution context, isn't it. I already thought about using an 
> > emulator or UML (hi mdz), but it seems to be too hack-ish. Let's see...
> It sounds like what would be better would be a sandboxable virtual machine
> with its own instruction set, preferably one which could be linked into your
> program.  guile can't be easily restricted as far as I know.  java can, but
> I don't know of any implementations which can be easily used in this way.

IMHO, you're only thinking that far because for some reason you don't
trust the separation between uids offered by standard unix, or that it's
impossible to make the transition from one uid to another securely.

Remember, if that cannot be trusted, we're all toast anyway. A *lot* of
unix security depends on this.
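As an added illustration of the uid transition the reply above is defending (this is example code written for this page, not code from either poster or from Debian): a Linux privilege-drop routine that changes supplementary groups, then gid, then uid, and verifies afterwards that the transition is complete and cannot be reversed. It assumes glibc's `setresuid`/`setresgid` (Linux or BSD), and the target uid/gid used in `main` (`65534`, the conventional "nobody") is a constructed value, not something the thread specifies.

```c
#define _GNU_SOURCE          /* exposes setresuid/setresgid/setgroups in glibc */
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * Permanently drop to an unprivileged uid/gid.
 *
 * Order matters: supplementary groups can only be cleared while still root,
 * and the gid must be changed before the uid, because once the uid is
 * unprivileged the gid change would be refused.  Setting real, effective and
 * saved ids together (setres*) is what makes the drop permanent; changing the
 * effective id alone would leave the saved id as a way back to root.
 *
 * Returns 0 on success, -1 on failure (errno set where a syscall failed).
 */
int drop_privileges(uid_t new_uid, gid_t new_gid)
{
    uid_t ru, eu, su;
    gid_t rg, eg, sg;

    if (new_uid == 0) {          /* "dropping" to root is not a drop */
        errno = EINVAL;
        return -1;
    }

    if (geteuid() == 0) {
        /* Only root may change the supplementary group list; do it first. */
        if (setgroups(0, NULL) != 0)
            return -1;
    }

    if (setresgid(new_gid, new_gid, new_gid) != 0)
        return -1;
    if (setresuid(new_uid, new_uid, new_uid) != 0)
        return -1;

    /* Verify rather than trust: all three ids must now be the target. */
    if (getresuid(&ru, &eu, &su) != 0 ||
        ru != new_uid || eu != new_uid || su != new_uid)
        return -1;
    if (getresgid(&rg, &eg, &sg) != 0 ||
        rg != new_gid || eg != new_gid || sg != new_gid)
        return -1;

    /* The transition is only secure if root cannot be re-acquired. */
    if (setuid(0) == 0) {
        errno = EPERM;
        return -1;
    }

    return 0;
}

int main(void)
{
    /* Constructed target: 65534 is the conventional "nobody" uid/gid.
     * When not started as root, drop to our own ids, which always succeeds. */
    uid_t target_uid = (getuid() == 0) ? (uid_t)65534 : getuid();
    gid_t target_gid = (getgid() == 0) ? (gid_t)65534 : getgid();

    if (drop_privileges(target_uid, target_gid) != 0) {
        perror("drop_privileges");
        return 1;
    }
    printf("now running as uid=%u euid=%u gid=%u egid=%u\n",
           (unsigned)getuid(), (unsigned)geteuid(),
           (unsigned)getgid(), (unsigned)getegid());
    return 0;
}
```

The point of the post-drop checks is that a setuid program should not assume the kernel did what it asked: a failed or partial transition (for example a saved uid left at 0) is exactly the case where the uid separation the thread relies on stops protecting anything, so the routine reports it as an error instead of continuing.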
