-----BEGIN PGP SIGNED MESSAGE-----
That was part of it, the other part is the thought that the computer is
there to run userspace code. If init dies, there is nothing to run so the
kernel should reboot to try and get things working again. (at least this
is what came up when this was mentioned a couple of weeks ago)
Both very valid points, but in some cases the old method gives advantages
David Lang
On Fri, 12 Mar 1999, Jason Haar wrote:
>
> On Thu, Mar 11, 1999 at 05:26:38PM -0500, Allen Jantzen wrote:
> > I really have to thank you for pointing this out. This is _very_
> > interesting.
> >
> > With a well-designed set of firewall rules, it seems like this can give
> > you a _very_ secure firewall. Do you suppose this was an oversight on
> > the part of the folks who do linux distributions on which this works?
>
> In fact as I recall, this was first reported as a security _hole_ as people
> normally think that when a computer is shut down, then network connectivity
> doesn't exist either (concerns regarding a non-secure machine connected to
> the Internet being turned off, but still routing packets).
>
> It's good to see a security hole turned into a security feature :-)
>
> Nice bit of lateral thinking...
>
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQEVAwUBNuio+D7msCGEppcbAQHG9wf/dNS7S6tcNZO+BOrRW3ESssSj6l6BsIsy
Yk7WnxvFStAStb7JcQqB/b2TFj1AgP9y8pmtnRKfV2YhagFIsslU/dhntQZtcQ2K
vazLjDoSUFN/641bNyYWprqotaA1t0MjUJ4z2TZpp19lrthTnxQTPMF2N61qWcW4
ustHTMeceri3e9bsgJtqjzDhgsm8SMW3C71WcEIOb28e8mM8QqI5XtolJHpCq0X4
6pgXhg1bhpFt1/UbTIkk1dItUCLqEVBMIBk+7FxRGwgfIeZDT44ml8ggvmt2xgJI
/3RqPGfeCnr336J8Eu/kYn8n9UiBVMJu8bSfJ9jvBr9pcbkJTiw+zQ==
=AmHd
-----END PGP SIGNATURE-----
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
