retep2home.com

• Next message: Matthew Kirkwood: "Design: an FTP gateway"
• Previous message: David Luyer: "Re: Demo patch - run telnetd as non-root and chroot()'ed"
• In reply to: Len Budney: "Re: Demo patch - run telnetd as non-root and chroot()'ed"
• Next in thread: Crispin Cowan: "Bernstein's License"
• Next in thread: Sean Hunter: "Re: Demo patch - run telnetd as non-root and chroot()'ed"
• Reply: Peter Todd: "Re: Demo patch - run telnetd as non-root and chroot()'ed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, 23 Jul 2000, you wrote:
> Second, GPL => autoconf => compile-time feature selection. We would need to
> ensure that EVERY combination of compile-time options produced a system as
> secure as the standard version. Doable; the danger is we won't do that.

If you don't have the time to test every little combination of
compile-time options with autoconf one possibility would be to use
autoconf as a tool designed to check *if* a system supports your
program. So have autoconf do all the tests but then instead of using
those compile time #defines to change how code is compiled simply set
things up so that unless you have a specific configuration
./configure will die.

Some of my programs do that, though because of lazyness instead of
security. :)

-- 
reteppenguinpowered.com http://retep.tripod.com 

• Next message: Matthew Kirkwood: "Design: an FTP gateway"
• Previous message: David Luyer: "Re: Demo patch - run telnetd as non-root and chroot()'ed"
• In reply to: Len Budney: "Re: Demo patch - run telnetd as non-root and chroot()'ed"
• Next in thread: Crispin Cowan: "Bernstein's License"
• Next in thread: Sean Hunter: "Re: Demo patch - run telnetd as non-root and chroot()'ed"
• Reply: Peter Todd: "Re: Demo patch - run telnetd as non-root and chroot()'ed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]