On Thursday 23 August 2007 17:26, David Given wrote:
Don Armstrong wrote:
[...]
The people who have responded to you so far strongly suspect that it's
not worth the effort, but without knowing why the glibc we already
distribute can't be used, it's hard for us to give you a definitive
On 24/08/07 at 01:26 +0100, David Given wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Don Armstrong wrote:
[...]
The people who have responded to you so far strongly suspect that it's
not worth the effort, but without knowing why the glibc we already
distribute can't be used,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Lucas Nussbaum wrote:
[...]
Then what about using ptrace and overriding syscalls in the way
usermodelinux used to do it?
Yes, indeed; that is currently looking like the best approach. Not only does
it provide the low-level interface that upstream
On Fri, Aug 24, 2007 at 12:23:39PM +0100, David Given wrote:
(Incidentally, the more I look at fakechroot the more I'm coming to believe
that it's no use for anything whatsoever. The security aspects of it are...
erm... nil; it's trivial for the client app to break out of its jail. Is this
a
On Thu, 23 Aug 2007 22:26:35 +0100
David Given [EMAIL PROTECTED] wrote:
Please can you give the details of why this is necessary?
It's an LD_PRELOAD hack. When glibc calls itself --- for example when fopen()
calls open() --- it does so using a hidden private interface, which means the
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Neil Williams wrote:
[...]
Do the work and come back to the list with
a detailed reasoning for what is a MAJOR packaging decision. This isn't
yet another customised version of a package it is a COPY of GLIBC!
Don't shout at me, please.
Yes, I am
On Fri, 24 Aug 2007, David Given wrote:
Currently I am merely trying to figure out whether upstream's idea
of using a customised glibc is possible on Debian
It's always possible to do so. However, actually doing so requires
that you convince the security team, the maintainer(s), and the
release
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Don Armstrong wrote:
[...]
The people who have responded to you so far strongly suspect that it's
not worth the effort, but without knowing why the glibc we already
distribute can't be used, it's hard for us to give you a definitive
answer.
8 matches
Mail list logo