Not logged in
Log in now
Create an account
Subscribe to LWN
Pencil, Pencil, and Pencil
Dividing the Linux desktop
LWN.net Weekly Edition for June 13, 2013
A report from pgCon 2013
Little things that matter in language design
If shell == root and fork(2) == shell then fork(2) == root. That means any ability to execute code outside a sandbox == root so just forget about the whole notion of security. No. I'm not Pollyanna or anything but I'm not quite that cynical.
Posted Jun 1, 2012 17:20 UTC (Fri) by hummassa (subscriber, #307)
Posted Jun 1, 2012 18:07 UTC (Fri) by Cyberax (✭ supporter ✭, #52523)
So yes, your only hope is to contain untrusted code inside of a sandbox. And even that is non-trivial - just ask Google.
Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds