On Mon, 2005-08-29 at 16:16 +0800, Coywolf Qi Hunt wrote: > Bernd Petrovitsch wrote: [...] > >(almost) every tool may become a security problem. > >If you fear a bug in sudo, then write a minimal setuid wrapper for > >yourself which checks for the user it started and exec's a binary (with > >the full path name specified). > >And even then - dependent on other details of the setup - you have the > >gap of security problems (or misuse) because of holes in the security. > > But if we make sure a tool doesn't introduce any new secrutiy problem, > that's good enough.
ACK. That's basically the idea behind "write 15 lines of C code and be absolutely sure that there is no problem in there". [...] > >What does the user do if the process terminates (for whatever reason) > >and must be restarted by the user (manually or auutomatically)? > > If we worry that, we'd make a persistent OS instead. > > >Basically I can see no need for "one time in history" actions. A daemon > >can terminate and must be restarted (it may even be a software bug that > >causes this and this doesn't change anything that the daemon's admin > >must restart it *now*). The machine may reboot for whatever reason .... > > The US space shuttle certainly can auto pilot, so it doesn't need a > control panel. > And If anything fails, NASA just launch another ship? I didn't realize that you are working on (one-time) Space Shuttle software. I assumed average servers, services and environment .... Bernd -- Firmix Software GmbH http://www.firmix.at/ mobil: +43 664 4416156 fax: +43 1 7890849-55 Embedded Linux Development and Services - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/