|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: Here's another glibc env. var.
From: Chris Evans (chris
ferret.lmh.ox.ac.uk)Date: Thu May 25 2000 - 06:22:44 CDT
- Next message: Solar Designer: "Re: Here's another glibc env. var."
- Previous message: Rafael J. Wysocki: "Re: Here's another glibc env. var."
- In reply to: Matthew Kirkwood: "Re: Here's another glibc env. var."
- Next in thread: Solar Designer: "Re: Here's another glibc env. var."
- Next in thread: Rafael J. Wysocki: "Re: Here's another glibc env. var."
- Reply: Chris Evans: "Re: Here's another glibc env. var."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Thu, 25 May 2000, Matthew Kirkwood wrote:
> What about ping? Should that be split into client/server
> portions?
Ideally yes.
In practice? No, because ping immediately drops all privs apart from its
raw network socket file descriptor, and even then, has seen extensive
audit.
In this case, splitting into a client/distrusting server pair, doesn't
pass the "effort to benefit" test ;-)
Cheers
Chris
- Next message: Solar Designer: "Re: Here's another glibc env. var."
- Previous message: Rafael J. Wysocki: "Re: Here's another glibc env. var."
- In reply to: Matthew Kirkwood: "Re: Here's another glibc env. var."
- Next in thread: Solar Designer: "Re: Here's another glibc env. var."
- Next in thread: Rafael J. Wysocki: "Re: Here's another glibc env. var."
- Reply: Chris Evans: "Re: Here's another glibc env. var."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]