From: Pieter Van den Abeele
Date: Sat, 17 Jan 2004 17:51:16 +0100
To: gentoo-releng@lists.gentoo.org
Cc: base-system@gentoo.org, "Brad House"
Subject: Re: [gentoo-releng] Re: baselayout changes for livecds

I think what Paul means is that when a bootloader isn't password protected, a malign user could pass 'cdroot' to the kernel and exploit some of the things this triggers in the rc scripts (autologin?) if those scripts directly parse the arguments passed to the kernel.
The style of exploit is quite similar to passing: init=/home/hacker/exploit.sh or init=/bin/sh to the kernel on a system one has direct access to and whose bootloader isn't pass-protected. This issue is relevant for computers from computer rooms used for teaching/exams...

But if I'm not mistaken the rc-scripts themselves do not 'parse kernel output', it's the linuxrc which parses the kernel arguments, and exports cdboot to the env, right? So there should be no security issues for systems which don't have an initrd and thus no linuxrc.

Pieter

On 17 Jan 2004, at 17:28, Brad House wrote:

> don't have a clue what you mean by this statement
> It is only applicable if you pass cdroot to your kernel.
> If you're using a genkernel compiled kernel, that will
> cause your system to not boot unless you're booting off a
> cd. And for advanced users who actually build their own
> kernel, I think they'd be brighter than to try to do autologin
> stuff by passing cdroot to the kernel.
>
> Sorry, linux is not idiot-proof. This is a NON-ISSUE.
>
> -Brad
>
>
>> Will there be a way to keep these off of hd installs. I don't think
>> that this kind of functionality is good on hd installs. It makes it
>> too easy to create an insecure system
>
>
> --
> gentoo-releng@gentoo.org mailing list
>

--
gentoo-releng@gentoo.org mailing list
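
An added illustration, not part of the original message or of any Gentoo script: a shell check for a hard-disk install that flags the two boot parameters named in this thread, 'cdroot' and 'init=', on a kernel command line such as the contents of /proc/cmdline. The function name and the sample command lines are constructed; the 'cdroot=<device>' form is assumed to be treated like bare 'cdroot'.

```shell
#!/bin/sh
# Added example: audit a kernel command line for parameters that change
# what runs at boot. Matching is per whole parameter, so a value such as
# "root=/dev/cdroot0" is not mistaken for the "cdroot" switch.

# audit_cmdline CMDLINE
# Prints one finding per line; prints nothing when the line is clean.
# Runs in a subshell so that disabling globbing does not leak to the caller.
audit_cmdline() (
    set -f    # no pathname expansion while splitting the string
    # Unquoted $1 on purpose: the kernel separates parameters by whitespace.
    # Assumption: no quoted parameter contains a space.
    for tok in $1; do
        case "$tok" in
            cdroot|cdroot=*)
                # Assumption: cdroot=<device> selects the same livecd path.
                echo "cdroot: livecd boot path requested" ;;
            init=*)
                echo "init override: ${tok#init=}" ;;
        esac
    done
)

# Constructed sample command lines (not taken from a real system).
SAMPLE_CLEAN="root=/dev/hda3 ro quiet"
SAMPLE_TAMPERED="root=/dev/hda3 cdroot init=/bin/sh"

for sample in "$SAMPLE_CLEAN" "$SAMPLE_TAMPERED"; do
    findings=$(audit_cmdline "$sample")
    if [ -n "$findings" ]; then
        echo "REVIEW: $sample"
        echo "$findings" | sed 's/^/  /'
    else
        echo "ok:     $sample"
    fi
done
```

On a live system the same function can be fed "$(cat /proc/cmdline)"; a finding on a hard-disk install is a reason to check whether the bootloader allows unauthenticated editing of the kernel line.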