On Fri, 2007-09-07 at 01:21 +0200, Trond Myklebust wrote:
Sorry. Of course, you have to copy the entire /lib, etc. onto the tmpfs,
but you get the gist....
The point is that it is easy to subvert userspace if you have enough
privileges. In the above example it may not be entirely undetectable,
but who here is running a script on every login to check that / is