1 |
On Saturday 17 January 2004 18:06, Brad House wrote: |
2 |
> no, the rcscripts must now parse the kernel commandline opts |
3 |
> to get a few options. There's really not many other ways to |
4 |
> do it. Besides you just proved by your statement that someone |
5 |
> could instead pass init=/bin/sh and override any sort of |
6 |
> init process, so trying to make the 'cdroot' option secure |
7 |
> is obsurd, as there's 10 million other ways to get in if you |
8 |
> have direct access to the computer. |
9 |
|
10 |
The big difference is that init=/bin/sh does not give you a normal working |
11 |
system, cdboot however could be abused to get a normal functioning |
12 |
passwordless console. That would allow incapable systemadmins to decide to do |
13 |
this, or even tell others to do it (the latter I want to prevent). |
14 |
|
15 |
Paul |
16 |
|
17 |
-- |
18 |
Paul de Vrieze |
19 |
Gentoo Developer |
20 |
Mail: pauldv@g.o |
21 |
Homepage: http://www.devrieze.net |