[geeks] wild article

Joshua D Boyd jdboyd at cs.millersville.edu
Fri Feb 8 14:24:38 CST 2002


On Fri, Feb 08, 2002 at 03:12:09PM -0500, Rob wrote:
> While an interesting idea, the first problem that springs to mind is that
> once you now need to do maintenance, change a rule, etc., you have to
> bounce the box causing 2 minutes of network downtime. Not good IMHO.

I wonder how hard it would be to modify the kernel so that a keystroke on
the console remounts a FS to load new rules...
 
> Finally, since only the kernel process is running, all userland processes
> are fscked. There goes remote managability unless you intend to rewrite
> SSH into a kernel mod. (Another poor idea IMHO.)

There was a team that modded orbit into the kernel.  It would have required
a lot of work to be useable (like, it completely lacked security while 
allowing remote machines to make system calls to your box), but that certainly
was a cool hack.  But, the project seemed dead when I found it, and that was
years ago.

-- 
Joshua D. Boyd



More information about the geeks mailing list