lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.58.0707150339480.2213@be1.lrz>
Date:	Sun, 15 Jul 2007 03:58:11 +0200 (CEST)
From:	Bodo Eggert <7eggert@....de>
To:	"H. Peter Anvin" <hpa@...or.com>
cc:	Bodo Eggert <7eggert@....de>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/3][try 1] init: enable system-on-initramfs

On Sat, 14 Jul 2007, H. Peter Anvin wrote:
> Bodo Eggert wrote:
> > On Sat, 14 Jul 2007, H. Peter Anvin wrote:
> >> Bodo Eggert wrote:

> >>> Setting the name of the rdinit process to the name of the init process
> >>> in order to select the root device should not be the right knob.
> >>>
> >> What's wrong with it?
> > 
> > rdinit is supposed to be the program that mounts, root is supposed to be 
> > whatever is mounted and init is supposed to run the system. Three 
> > different things. Now if you want to change the third, just set the first 
> > to the second ...
> 
> That only applies to a model that you explicitly doesn't want to use.

I don't want to use rdinit, because there is no task for rdinit(3), and I 
don't want to mount a filesystem(3). But I do want to use init(2).

I have to lie to the kernel saying (2) is (1) in order to trick it into
beleaving I'd do (3) myself, which I don't, just in order to not do (3).
If the bug of not calling the security hook would be fixed, this trick
would use the path where rdinit is expected to trigger the callback, but
since that rdinit would be no rdinit, that callback would still be wrongly
skipped. That would not be a bad thing for my setup, but it clearly shows
this setup to be wrong.

The correct solution is tell the kernel not to do (3) if you don't want 
it to do (3). The rest will work as intended.

-- 
This message transmitted on 100% recycled electrons. 
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ