On Sun, Jul 06, 2003 at 12:30:56AM +0300, Meir Michanie wrote: > I use UML at home, but to give UML in a public place like the > university? > > They would hack you from the inside. That is to much power.
I am not sure I understand what you say. UML runs as normal user, not root. Any user can run it without me even knowing. If you know about a security problem with UML you might want to report it to the UML developers. Note this is totally different from chroot, and has almost nothing to do with it (except that some problems can be solved by both of them). The only risky thing is to let them do networking (for which you have to have a suid ifconfig). I am not sure we need it for our needs (such as OS course students) - they can pass files between the real machine and the UML in other ways (e.g. filesystems). > > also, the uml machine has to run somewhere, the server? I do not see > anything from a chrooted account, but then is to limiting if they need > to run compilers... As I said, I can let them pass things (such as executables), but I do not think even compilers are such a problem - we have here big /tmp's, I can provide big UML images with compilers inside. -- Didi ================================================================= To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
