From mboxrd@z Thu Jan 1 00:00:00 1970
Message-ID: <14897aa3a24d632f340f30863deb7850@hamnavoe.demon.co.uk>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] 4th edition file server available
From: Richard Miller
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
Date: Mon, 13 Jan 2003 10:01:30 +0000
Topicbox-Message-UUID: 3feae90e-eacb-11e9-9e20-41e7f4b1d025

> One advantage (as I understood it) of using a specialized kernel
> was a form of security -- there were *no* user mode programs
> whose bugs could be exploited.

It went further than that: you couldn't even exploit a buffer overflow
to exec a shell, because there was no shell and no exec.

Would it be feasible, as part of bootstrapping a minimal fossil server,
to remove or otherwise disable the exec system call once everything
was running?

--
Richard