[geeks] wild article
Joshua D Boyd
jdboyd at cs.millersville.edu
Fri Feb 8 14:24:38 CST 2002
On Fri, Feb 08, 2002 at 03:12:09PM -0500, Rob wrote:
> While an interesting idea, the first problem that springs to mind is that
> once you now need to do maintenance, change a rule, etc., you have to
> bounce the box causing 2 minutes of network downtime. Not good IMHO.
I wonder how hard it would be to modify the kernel so that a keystroke on
the console remounts a FS to load new rules...
> Finally, since only the kernel process is running, all userland processes
> are fscked. There goes remote managability unless you intend to rewrite
> SSH into a kernel mod. (Another poor idea IMHO.)
There was a team that modded orbit into the kernel. It would have required
a lot of work to be useable (like, it completely lacked security while
allowing remote machines to make system calls to your box), but that certainly
was a cool hack. But, the project seemed dead when I found it, and that was
years ago.
--
Joshua D. Boyd
More information about the geeks
mailing list