1 |
On Sat, 2004-01-17 at 20:29, Paul de Vrieze wrote: |
2 |
> On Saturday 17 January 2004 18:06, Brad House wrote: |
3 |
> > no, the rcscripts must now parse the kernel commandline opts |
4 |
> > to get a few options. There's really not many other ways to |
5 |
> > do it. Besides you just proved by your statement that someone |
6 |
> > could instead pass init=/bin/sh and override any sort of |
7 |
> > init process, so trying to make the 'cdroot' option secure |
8 |
> > is obsurd, as there's 10 million other ways to get in if you |
9 |
> > have direct access to the computer. |
10 |
> |
11 |
> The big difference is that init=/bin/sh does not give you a normal working |
12 |
> system, cdboot however could be abused to get a normal functioning |
13 |
> passwordless console. That would allow incapable systemadmins to decide to do |
14 |
> this, or even tell others to do it (the latter I want to prevent). |
15 |
> |
16 |
|
17 |
Ill post some changes later that may be acceptable in this case. |
18 |
|
19 |
|
20 |
-- |
21 |
Martin Schlemmer |
22 |
-- |
23 |
|
24 |
Martin Schlemmer |
25 |
Gentoo Linux Developer, Desktop/System Team Developer |
26 |
Cape Town, South Africa |