From mboxrd@z Thu Jan 1 00:00:00 1970 MIME-Version: 1.0 In-Reply-To: <5b42f3047db318b115c3e3bbb237a45e@terzarima.net> References: <13426df10904181037k6b5b71dawe13a5ca1e08a8cd0@mail.gmail.com> <5b42f3047db318b115c3e3bbb237a45e@terzarima.net> Date: Sat, 18 Apr 2009 19:26:21 -0400 Message-ID: <3aaafc130904181626q54be5801tbf21b2b27a05d1a@mail.gmail.com> From: "J.R. Mauro" To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net> Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Subject: Re: [9fans] Plan9 - the next 20 years Topicbox-Message-UUID: e809baf8-ead4-11e9-9d60-3106f5b1d025 On Sat, Apr 18, 2009 at 7:31 PM, Charles Forsyth wr= ote: > this discussion of checkpoint/restart reminds me of > a hint i was given years ago: if you wanted to break into a system, > attack through the checkpoint/restart system. i won a jug of > beer for my subsequent successful attack which involved patching > the disc offset for an open file in a copy of the Slave Service Area save= d > by the checkpoint; with the offset patched to zero, the newly restored pr= ocess > could read the file and dump the users and passwords conveniently stored = in the clear at > the start of the system area of the system disc. =A0the hard bit was > writing the code to dump the data in a tidy way. > > Unfortunately, in the rush to build the Next Cool Thing people often leave security issues to the very end, at which point shoehorning fixes in gets ugly.