List Archive: gentoo-releng
Headers:
To: gentoo-releng@g.o
From: "Brad House" <brad_mssw@g.o>
Subject: Re: Re: baselayout changes for livecds
Date: Sat, 17 Jan 2004 12:06:16 -0500 (EST)
no, the rcscripts must now parse the kernel commandline opts
to get a few options. There's really not many other ways to
do it.  Besides you just proved by your statement that someone
could instead pass   init=/bin/sh  and override any sort of
init process, so trying to make the 'cdroot' option secure
is absurd, as there's 10 million other ways to get in if you
have direct access to the computer.

-Brad

> I think what paul means is that when a bootloader isn't password
> protected, a malign user could pass 'cdroot' to the kernel and exploit
> some of the things this triggers in the rc scripts (autologin?) if
> those scripts directly parse the arguments passed to the kernel.
>
> The style of exploit is quite similar to passing:
>
> init=/home/hacker/exploit.sh or init=/bin/sh
>
> to the kernel on a system one has direct access to and whose bootloader
> isn't pass-protected. This issue is relevant for computers from
> computer rooms used for teaching/exams...
>
> But if I'm not mistaken the rc-scripts themselves do not 'parse kernel
> output', it's the linuxrc which parses the kernel arguments, and
> exports cdboot to the env, right? So there should be no security issues
> for systems which don't have an initrd and thus no linuxrc.
>
> Pieter
>
> On 17 Jan 2004, at 17:28, Brad House wrote:
>
>> don't have a clue what you mean by this statement
>> It is only applicable if you pass  cdroot  to your kernel.
>> If you're using a genkernel compiled kernel, that will
>> cause your system to not boot unless you're booting off a
>> cd.  And for advanced users who actually build their own
>> kernel, I think they'd be brighter than to try to do autologin
>> stuff by passing cdroot to the kernel.
>>
>> Sorry, linux is not idiot-proof. This is a NON-ISSUE.
>>
>> -Brad
>>
>>
>>> Will there be a way to keep these off of hd installs? I don't think that this
>>> kind of functionality is good on hd installs. It makes it too easy to create
>>> an insecure system
>>
>>
>> --
>> gentoo-releng@g.o mailing list
>>
>
>
> --
> gentoo-releng@g.o mailing list
>
>
>


--
gentoo-releng@g.o mailing list
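
Added example, not part of the original message and not baselayout or genkernel code: a sketch of how a script can test the kernel command line for `cdroot` and an `init=` override by whole-token match, so a hard-disk install can flag either at boot. The function names and the expected init path `/sbin/init` are assumptions, and the sample command lines in the comments are constructed.

```shell
#!/bin/sh
# Illustration only; function names are hypothetical.
# Each function takes the command line as a string, e.g. "$(cat /proc/cmdline)".

# has_karg NAME CMDLINE: succeed only if NAME is a whole bare token.
# "nocdroot" or "label=cdroot" must not match "cdroot".
has_karg() {
    set -f                      # no glob expansion while splitting tokens
    hit=1
    for tok in $2; do
        if [ "$tok" = "$1" ]; then hit=0; fi
    done
    set +f
    return "$hit"
}

# karg_value KEY CMDLINE: print the value of KEY=value, fail if absent.
# The last occurrence is used (assumed to mirror how the kernel treats init=).
karg_value() {
    set -f
    val= seen=1
    for tok in $2; do
        case $tok in
            "$1"=*) val=${tok#*=}; seen=0 ;;
        esac
    done
    set +f
    if [ "$seen" -eq 0 ]; then printf '%s\n' "$val"; fi
    return "$seen"
}

# audit_cmdline CMDLINE: report parameters that should not appear on a
# hard-disk install; returns 1 if anything was reported.
audit_cmdline() {
    rc=0
    if has_karg cdroot "$1"; then
        echo "cdroot present: livecd code paths in the rc scripts would run"
        rc=1
    fi
    if init_path=$(karg_value init "$1"); then
        if [ "$init_path" != /sbin/init ]; then   # assumed expected init
            echo "init overridden: $init_path"
            rc=1
        fi
    fi
    return "$rc"
}
# Usage: audit_cmdline "$(cat /proc/cmdline)" || logger "unexpected boot parameters"
```

A check like this only reports what was passed; preventing it still requires a password-protected bootloader, as the thread notes.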

Replies:
Re: Re: baselayout changes for livecds
-- Paul de Vrieze
Re: Re: baselayout changes for livecds
-- Pieter Van den Abeele
References:
baselayout changes for livecds
-- Brad House
Re: baselayout changes for livecds
-- Paul de Vrieze
Re: Re: baselayout changes for livecds
-- Brad House
Re: Re: baselayout changes for livecds
-- Pieter Van den Abeele
Updated Jun 17, 2009

Summary: Archive of the gentoo-releng mailing list.
