Subject: Re: HEADS UP: migration to fully dynamic linked "base" system
To: Jason R Thorpe <email@example.com>
From: Johnny Billquist <firstname.lastname@example.org>
Date: 08/27/2002 18:36:22
On Tue, 27 Aug 2002, Jason R Thorpe wrote:
> On Tue, Aug 27, 2002 at 05:55:37PM +0200, Johnny Billquist wrote:
> > Look, I didn't want to take the security discussion, but if you insist...
> > Yes, you are most likely hosed if your libc becomes compromised.
> > But you have to realize it as well. Without /bin and /sbin dynamically
> > linked, they are more protected anyhow, and can be more trusted (even
> > though that's no guarantee either), and you can perhaps make it back from
> > there. With dynamically linked stuff, you'll have to revert to
> > /rescue.
> How is reverting to /rescue any different than reverting to /bin and /sbin?
*Sigh* I've already gone through at least three times why I consider
/rescue to be a bad thing. Do I really need to do this again?
> > Heck, you're talking to someone who have a tradition of physically
> > write-protect drives with "interesting" binaries on public systems...
> > (Another reason I don't like PC hardware; where is the write protect
> > switch? :-)
> There is almost always a jumper on the drive for this.
Hmmm. I seem to remember that I perhaps have seen one on SCSI drives,
yes. But SCSI isn't really PC hardware, even though it's close.
But I don't think I like having to go in and add/remove jumpers every time
I need to update something on my disk, and there are no switches available
on a PC box.
Johnny Billquist || "I'm on a bus
|| on a psychedelic trip
email: email@example.com || Reading murder books
pdp is alive! || tryin' to stay hip" - B. Idol