On 01/09/2018 05:58 PM, Gé Weijers wrote:
> On Wed, Jan 3, 2018 at 2:32 PM, Walter Parker <walt...@gmail.com> wrote:
>> On Wed, Jan 3, 2018 at 2:25 PM, Steve Yates <st...@teamits.com> wrote:
>>> I'm not a developer but I would think it's dependent on FreeBSD releasing
>>> the update, plus testing by pfSense/Netgate.  However, I would think
>>> there's not much concern with PCs running pfSense, since raw code would
>> not
>>> normally be running on the pfSense box...?
> Agreed, if someone manages to run malicious code on your pfSense box you
> have bigger problems.
I disagree. The fact that user processes can gain kernel-level access
*is* the bigger problem. A buffer overflow affecting a process running
as _dhcp would not otherwise result in such a severe issue.
> HOWEVER: running pfSense as a virtual machine may not be the best idea if
> you do not have full control over the other VMs running on the same
> hardware.

This contradicts the majority of the purpose of virtualization.

pfSense mailing list
Support the project with Gold! https://pfsense.org/gold

Reply via email to