Off-hand the possibility of using a different root filesystem on a
removeable medium (floppy disk) springs to mind as yet another obvious
security threat, but this can probably be avoided, by compiling the
floppy driver as a module and not allowing for NFS mounted root
filesystems. Most of the other boot time options probably result in
making the system rather unreliable and prone to crashes but I am not
aware of obvious exploits.
Generally, though I am in favor of your proposal. Providing as many
boot-time security measures as possible sounds like a *very* good idea
--- but maybe I am just a little bit paranoid :-)
Markus
-- Markus Gutschke Internet: gutschk@math.uni-muenster.de Schlage 5a D-48268 Greven-Gimbte Germany