Cryer,Phil wrote: > "The days when you could prevent people from running non-approved > programs by removing the C compiler from your system ended roughly with > the VAX 11/780 computer."
> My reply is, if an attacker is on the box and can compile code, you > already have more problems to worry about. What other arguments could I > use? Some of the (trivial, probably) arguments that come to my mind: - the attacker can bring his own C compiler to the box - the attacker can use perl, php, ruby, sh and other interpreters for almost everything he can use C for (the big exception is probably kernel code).
begin:vcard fn:Ivan Voras n:Voras;Ivan org:Faculty of electrical engineering and computing adr:;;;Zagreb;;;Croatia email;internet:[EMAIL PROTECTED] title:Internet services architect x-mozilla-html:FALSE version:2.1 end:vcard
_______________________________________________ varnish-misc mailing list [email protected] http://projects.linpro.no/mailman/listinfo/varnish-misc
