Dailydave mailing list archives
anonymized reply
From: Dave Aitel <dave () immunitysec com>
Date: Sun, 07 Mar 2004 14:36:39 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 i've used UML a bit for developing/debugging some limited purpose systems. it's a great environment for developing/debugging because you don't have to load your system on a disk, sneaker-net it to another system, hit reset, wait for POST, wait for boot, etc... you just kill/restart the process and if there's something wrong with your /sbin/init equivalent, you just fix it and restart the process. security-wise, running your process as /sbin/init is pretty tight. yeah, there are still likely avenues for attack, but without any of the normal /bin/* stuff, it would be pretty difficult to gain control, affect permanent change in the system, etc... -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFAS3nHzOrqAtg8JS8RAr0ZAKCSXL8olwt5I4Jxas2IIiKM0VBfyACg7H27 FjwQwQj+8KIW8OixYyTfhZg= =rvLZ -----END PGP SIGNATURE----- _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- anonymized reply Dave Aitel (Mar 07)