Re: syscall: sys_promote

From: Bernd Petrovitsch
Date: Mon Aug 29 2005 - 03:54:04 EST


On Mon, 2005-08-29 at 16:16 +0800, Coywolf Qi Hunt wrote:
> Bernd Petrovitsch wrote:
[...]
> >(almost) every tool may become a security problem.
> >If you fear a bug in sudo, then write a minimal setuid wrapper for
> >yourself which checks for the user it started and exec's a binary (with
> >the full path name specified).
> >And even then - dependent on other details of the setup - you have the
> >gap of security problems (or misuse) because of holes in the security.
>
> But if we make sure a tool doesn't introduce any new secrutiy problem,
> that's good enough.

ACK. That's basically the idea behind "write 15 lines of C code and be
absolutely sure that there is no problem in there".

[...]
> >What does the user do if the process terminates (for whatever reason)
> >and must be restarted by the user (manually or auutomatically)?
>
> If we worry that, we'd make a persistent OS instead.
>
> >Basically I can see no need for "one time in history" actions. A daemon
> >can terminate and must be restarted (it may even be a software bug that
> >causes this and this doesn't change anything that the daemon's admin
> >must restart it *now*). The machine may reboot for whatever reason ....
>
> The US space shuttle certainly can auto pilot, so it doesn't need a
> control panel.
> And If anything fails, NASA just launch another ship?

I didn't realize that you are working on (one-time) Space Shuttle
software.
I assumed average servers, services and environment ....

Bernd
--
Firmix Software GmbH http://www.firmix.at/
mobil: +43 664 4416156 fax: +43 1 7890849-55
Embedded Linux Development and Services

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/