Re: build an appliance without a shell

[Darryl Luff <darryl () snakegully nu>]

> Shell == more vulnerable, at a minimum.
>
> If you have stuff that needs to be executed in the box, do it in some
> hardened manner.  Run programs to run programs, or at least harden
> your scripts.  The main problem is that most of these "overweight
> 1-U servers running Linux" also have an unreasonanable amount of their
> "product" constructed from lashed together shell scripts, which requires
> a shell to execute.
>
>  
Has anyone tried using User Mode Linux (UML) for this sort of thing? 
I've been m
eaning to look at it for a while but haven't had the time. The UML 
virtual machi
ne is really just a disk image and a usermode app. The disk image 
doesn't need a
shell for admin reasons because you can run admin tasks on the host 
machine, mo
unting the disk image (or fiddling with files on a shared mount). So all 
the UML
image needs installed is the software you need to run whatever services 
it's pr
oviding. And the UML can have an accessible IP but the host machine 
doesn't need
one.

I imagine the UML process isn't bulletproof, but if an attacker doesn't 
even hav
e /bin/sh, let alone compilers etc, they need to work harder just to get 
the ini
tial foothold.


_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://www.immunitysec.com/mailman/listinfo/dailydave