Gentoo Archives: gentoo-releng

From: Paul de Vrieze <pauldv@g.o>
To: gentoo-releng@l.g.o
Subject: Re: [gentoo-releng] Re: baselayout changes for livecds
Date: Sat, 17 Jan 2004 18:29:10
Message-Id: 200401171929.06293.pauldv@gentoo.org
In Reply to: Re: [gentoo-releng] Re: baselayout changes for livecds by Brad House
1 On Saturday 17 January 2004 18:06, Brad House wrote:
2 > no, the rcscripts must now parse the kernel commandline opts
3 > to get a few options. There's really not many other ways to
4 > do it. Besides you just proved by your statement that someone
5 > could instead pass init=/bin/sh and override any sort of
6 > init process, so trying to make the 'cdroot' option secure
7 > is obsurd, as there's 10 million other ways to get in if you
8 > have direct access to the computer.
9
10 The big difference is that init=/bin/sh does not give you a normal working
11 system, cdboot however could be abused to get a normal functioning
12 passwordless console. That would allow incapable systemadmins to decide to do
13 this, or even tell others to do it (the latter I want to prevent).
14
15 Paul
16
17 --
18 Paul de Vrieze
19 Gentoo Developer
20 Mail: pauldv@g.o
21 Homepage: http://www.devrieze.net

Replies

Subject Author
Re: [gentoo-releng] Re: baselayout changes for livecds Martin Schlemmer <azarah@g.o>
Re: [gentoo-releng] Re: baselayout changes for livecds Martin Schlemmer <azarah@g.o>