| 1 |
On Sat, 2004-01-17 at 20:29, Paul de Vrieze wrote: |
| 2 |
> On Saturday 17 January 2004 18:06, Brad House wrote: |
| 3 |
> > no, the rcscripts must now parse the kernel commandline opts |
| 4 |
> > to get a few options. There's really not many other ways to |
| 5 |
> > do it. Besides you just proved by your statement that someone |
| 6 |
> > could instead pass init=/bin/sh and override any sort of |
| 7 |
> > init process, so trying to make the 'cdroot' option secure |
| 8 |
> > is obsurd, as there's 10 million other ways to get in if you |
| 9 |
> > have direct access to the computer. |
| 10 |
> |
| 11 |
> The big difference is that init=/bin/sh does not give you a normal working |
| 12 |
> system, cdboot however could be abused to get a normal functioning |
| 13 |
> passwordless console. That would allow incapable systemadmins to decide to do |
| 14 |
> this, or even tell others to do it (the latter I want to prevent). |
| 15 |
> |
| 16 |
|
| 17 |
Ill post some changes later that may be acceptable in this case. |
| 18 |
|
| 19 |
|
| 20 |
-- |
| 21 |
Martin Schlemmer |
| 22 |
-- |
| 23 |
|
| 24 |
Martin Schlemmer |
| 25 |
Gentoo Linux Developer, Desktop/System Team Developer |
| 26 |
Cape Town, South Africa |
Archives