Subject: Re: asking for the path to init.
To: Darren Reed <darrenr@reed.wattle.id.au>
From: Chris G. Demetriou <cgd@netbsd.org>
List: tech-kern
Date: 09/17/1999 21:40:01

Darren Reed <darrenr@reed.wattle.id.au> writes:
> If there is to be a condition placed on the presence of the ability to
> specify a different init other than /sbin/init because of security
> requirements then that same condition should also be enforced on the
> other questions which can also lead to a security breach (i.e. where is
> the root filesystem).

Yes.  And that condition is _already_ the ability to pass RB_ASKNAME
to the kernel, via flags given at a boot block/firmware prompt.

If you don't have a boot block and firmware which can allow "secure" (as in,
no specification of boot device, no specification of boot flags, etc),
then you should get a better system if you need that functionality.
There's just about nothing NetBSD can do to protect you from people
hacking at your firmware prompt...



cgd
-- 
Chris Demetriou - cgd@netbsd.org - http://www.netbsd.org/People/Pages/cgd.html
Disclaimer: Not speaking for NetBSD, just expressing my own opinion.