Subject: Re: HEADS UP: migration to fully dynamic linked "base" system
To: Johnny Billquist <firstname.lastname@example.org>
From: Jason R Thorpe <email@example.com>
Date: 08/27/2002 09:30:36
On Tue, Aug 27, 2002 at 05:55:37PM +0200, Johnny Billquist wrote:
> Look, I didn't want to take the security discussion, but if you insist...
> Yes, you are most likely hosed if your libc becomes compromised.
> But you have to realize it as well. Without /bin and /sbin dynamically
> linked, they are more protected anyhow, and can be more trusted (even
> though that's no guarantee either), and you can perhaps make it back from
> there. With dynamically linked stuff, you'll have to revert to
How is reverting to /rescue any different than reverting to /bin and /sbin?
> Heck, you're talking to someone who have a tradition of physically
> write-protect drives with "interesting" binaries on public systems...
> (Another reason I don't like PC hardware; where is the write protect
> switch? :-)
There is almost always a jumper on the drive for this.
-- Jason R. Thorpe <firstname.lastname@example.org>