Dailydave mailing list archives
Re: build an appliance without a shell
From: Rodney Thayer <rodney () canola-jones com>
Date: Thu, 04 Mar 2004 08:15:54 -0800
At 08:03 AM 3/4/2004 -0700, ken_i_m () fatair net wrote:
On Thu, Mar 04, 2004 at 02:29:41AM -0800, arlen (arlen () hushmail com) wrote:asked the S.E. about shells - does it have one? Is there any way of getting a full interactive shell on this thing?I was just handed a task yesterday to build a single function "toaster" to be hung outside the firewall on its own public IP. I have thought about building various appliance in the past so it is not a new idea. Building an OS from the ground up using a linux kernel is not a big deal either. But after reading the thread from which I took the above quote I am left with "shell == bad" therefore no shell. ???
Shell == more vulnerable, at a minimum. If you have stuff that needs to be executed in the box, do it in some hardened manner. Run programs to run programs, or at least harden your scripts. The main problem is that most of these "overweight 1-U servers running Linux" also have an unreasonanable amount of their "product" constructed from lashed together shell scripts, which requires a shell to execute. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- build an appliance without a shell ken_i_m (Mar 04)
- RE: build an appliance without a shell Pete Herzog (Mar 04)
- RE: build an appliance without a shell Rodney Thayer (Mar 04)
- Re: build an appliance without a shell ken_i_m (Mar 04)
- RE: build an appliance without a shell Rodney Thayer (Mar 04)
- Re: build an appliance without a shell Rodney Thayer (Mar 04)
- Re: build an appliance without a shell Darryl Luff (Mar 07)
- Re: build an appliance without a shell david maynor (Mar 04)
- RE: build an appliance without a shell Pete Herzog (Mar 04)