Gentoo Archives: gentoo-releng

From: Paul de Vrieze <pauldv@g.o>
To: gentoo-releng@l.g.o
Subject: Re: [gentoo-releng] Re: baselayout changes for livecds
Date: Sat, 17 Jan 2004 18:29:10
Message-Id: 200401171929.06293.pauldv@gentoo.org
In Reply to: Re: [gentoo-releng] Re: baselayout changes for livecds by Brad House
On Saturday 17 January 2004 18:06, Brad House wrote:
> no, the rcscripts must now parse the kernel commandline opts > to get a few options. There's really not many other ways to > do it. Besides you just proved by your statement that someone > could instead pass init=/bin/sh and override any sort of > init process, so trying to make the 'cdroot' option secure > is obsurd, as there's 10 million other ways to get in if you > have direct access to the computer.
The big difference is that init=/bin/sh does not give you a normal working system, cdboot however could be abused to get a normal functioning passwordless console. That would allow incapable systemadmins to decide to do this, or even tell others to do it (the latter I want to prevent). Paul -- Paul de Vrieze Gentoo Developer Mail: pauldv@g.o Homepage: http://www.devrieze.net

Replies

Subject Author
Re: [gentoo-releng] Re: baselayout changes for livecds Martin Schlemmer <azarah@g.o>
Re: [gentoo-releng] Re: baselayout changes for livecds Martin Schlemmer <azarah@g.o>