| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <E1JX3mO-0003eX-5W@be1.7eggert.dyndns.org>
Date: Thu, 06 Mar 2008 01:16:11 +0100
From: Bodo Eggert <7eggert@....de>
To: Guillaume Chazarain <guichaz@...il.com>,
Pawel Plociennik <paplociennik@...il.com>,
Pavel Machek <pavel@....cz>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] chroot= as a new kernel parameter
Guillaume Chazarain <guichaz@...il.com> wrote:
> On Wed, Mar 5, 2008 at 2:38 PM, Pawel Plociennik <paplociennik@...il.com>
>> At last my patch is as simple as possible and it has *only* a *few lines of
>> the code* and it can be used as *independent* method to various *hundred*
>> distroes.
>
> Your method requires a certain kernel, mine does not ;-)
Your method requires to type the whole bible on the command line.
>> static void run_init_process(char *init_filename)
>> {
>> + if (chroot_str)
>> + if (sys_chroot(chroot_str) < 0)
>> + printk(KERN_WARNING "chroot=%s failed\n",
>> chroot_str); +
>
> As I said before, this chroot= option can be used for security reason
> instead of testing purpose, and in this case, continuing booting after
> a failed chroot sounds like a security issue.
Even if not, continuing on unknown/bad options is a BAD idea. If I made a
typo in the path, the wrong system would be started, leaving me to choose
between waiting (felt) five minutes until I can shut it down cleanly or
to hard reboot and fsck.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists