Re: Insecurity in linux boot

Gregory Maxwell (linker@z.ml.org)
Tue, 12 Jan 1999 19:11:33 -0500 (EST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Todd A. Wood: "Re: Linux 2.2.0-pre6 bug -- error mounting CDROM"
Previous message: Tim Waugh: "Re: Parport"
In reply to: Rik van Riel: "Re: Qmail for Vger campaign :)"

If they can alter init from a tmp race, and have console access to the
system, then you have bigger problems.

On a system where this kind of security is a concern (what? a kiosk in a
'cracker' bar?), you can take the 1/2 second to remove the call from the
kernel yourself (or send me nice mail to send you a patch if you can't do
it yourself).

On Tue, 12 Jan 1999 christophe.leroy5@capway.com wrote:

> At the end of boot, Linux kernel tries to fork init.
> If it fails, /bin/sh is forked.
> It means that If someone can alter init (with a tmp race for
> example), then reboot, it will have all access to the system.
>
> I think that /bin/sh should only be forked when asked at boot time
> with init= parameter (its use beeing protected by lilo password)
>
> christophe
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.rutgers.edu
> Please read the FAQ at http://www.tux.org/lkml/
>

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Todd A. Wood: "Re: Linux 2.2.0-pre6 bug -- error mounting CDROM"
Previous message: Tim Waugh: "Re: Parport"
In reply to: Rik van Riel: "Re: Qmail for Vger campaign :)"