Subject: Re: asking for the path to init.
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: tech-kern
Date: 09/17/1999 19:44:48
On Fri, Sep 17, 1999 at 01:13:07PM -0400, der Mouse wrote:
> No...not the / filesystem, but rather any local filesystem (well, any
> local filesystem that can be root - some local filesystem types have no
> mountroot capability).  If the attacker can boot with the option to
> prompt for init, the attacker can also specify arbitrary root device
> and kernel names.  Given this plus attacker write access to any
> filesystem the booter is willing to load the kernel from, the game is
> lost before "path to init?" even matters.

Not sure. Without devices nodes the game is harder.

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--