Re: halted firewalls

On 2/24/07, Alexander Klauer <Graf.Zahl@gmx.net> wrote:
I've just read that article and I'm not entirely convinced of
the theoretical security implications stated, in particular,
what does the author mean by "having removed all process space"?

I'm actually not doing this for the improved security in this particular case.
As this is a home LAN, I don't have tons of room/PCs. So the gateway in this
case is just another pc, and using this idea I wouldn't have to boot this pc for
no other reason than "gatewaying". So it's mostly to avoid running the gateway,
because of the added noise, etc.

My understanding (which might be wrong) was that once the kernel
launches the INIT task, the whole runlevel and boot/shutdown
stuff is a user space thing.

What do you mean by that? Does that change the situation?


