El mar, 14-10-2003 a las 19:35, Sean Middleditch escribió: > On Tue, 2003-10-14 at 13:25, Carlos Perelló MarÃn wrote: > > El mar, 14-10-2003 a las 19:13, Rob Adams escribió: > > > Could we LD_PRELOAD an exec() (and system() ) wrapper for lockdown mode? > > > > > > > I think that we should modify the original exec() and system() calls, > > they are basic calls that any application will use. > > Completely not acceptable - you'd have to modify these not only in > glibc, which I doubt you'd manage to get in upstream, but also for every > other (non Free/Open) OS GNOME supports. I know it's not acceptable, but it's better than the LD_PRELOAD suggestion. As I said, I think that acls are the answer here (with your suggestion about nonexec mounts it's better). [...] Cheers. -- Carlos Perelló Marín Debian GNU/Linux Sid (PowerPC) Linux Registered User #121232 mailto:carlos pemas net || mailto:carlos gnome org http://carlos.pemas.net Valencia - Spain
Attachment:
signature.asc
Description: Esta parte del mensaje =?ISO-8859-1?Q?est=E1?= firmada digitalmente