Date: Thu, 20 Jul 2000 10:58:34 -0700 (PDT) From: Steve Kargl <sgk@troutmask.apl.washington.edu> To: Warner Losh <imp@village.org> Cc: Marcel Moolenaar <marcel@cup.hp.com>, Robert Watson <rwatson@FreeBSD.ORG>, cvs-committers@FreeBSD.ORG, cvs-all@FreeBSD.ORG, security-officer@FreeBSD.ORG Subject: Re: cvs commit: src/sys/i386/linux linux_dummy.c linux_misc.c Message-ID: <200007201758.KAA55765@troutmask.apl.washington.edu> In-Reply-To: <200007201738.LAA91857@harmony.village.org> from Warner Losh at "Jul 20, 2000 11:38:34 am"
next in thread | previous in thread | raw e-mail | index | archive | help
Warner Losh wrote: > : BTW: Making the Linuxulator secure is relatively easy if you only count > : Linux binaries that are developed for a real Linux system. It's much > : harder to make it secure for any Linux binaries that are designed to > : exploit bugs in the Linuxulator, right? > > No. Programs that attack bugs in the linuxulator need to be defended > against. Otherwise, we've just introduced a big, huge security hole > into FreeBSD which isn't acceptible. Lots of people run the > Linuxulator, so any attacks that one can launch on it will have a > large i mpact in our user base. > Can the linuxulator be encapsulated by a jail(2) environment? This would at least minimize the damage a rogue program to the jail. -- Steve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200007201758.KAA55765>