current-users: Re: HEADS UP: migration to fully dynamic linked "base" system

Subject: Re: HEADS UP: migration to fully dynamic linked "base" system
To: Johnny Billquist <bqt@update.uu.se>
From: Jason R Thorpe <thorpej@wasabisystems.com>
List: current-users
Date: 08/27/2002 09:30:36

On Tue, Aug 27, 2002 at 05:55:37PM +0200, Johnny Billquist wrote:

 > Look, I didn't want to take the security discussion, but if you insist...
 > Yes, you are most likely hosed if your libc becomes compromised.
 > But you have to realize it as well. Without /bin and /sbin dynamically
 > linked, they are more protected anyhow, and can be more trusted (even
 > though that's no guarantee either), and you can perhaps make it back from
 > there. With dynamically linked stuff, you'll have to revert to
 > /rescue.

How is reverting to /rescue any different than reverting to /bin and /sbin?

 > Heck, you're talking to someone who have a tradition of physically
 > write-protect drives with "interesting" binaries on public systems...
 > (Another reason I don't like PC hardware; where is the write protect
 > switch? :-)

There is almost always a jumper on the drive for this.

-- 
        -- Jason R. Thorpe <thorpej@wasabisystems.com>