In some email I received from Greywolf, sie wrote:
> On Fri, 17 Sep 1999, Manuel Bouyer wrote:
> 
> # On Fri, Sep 17, 1999 at 01:13:07PM -0400, der Mouse wrote:
> # > No...not the / filesystem, but rather any local filesystem (well, any
> # > local filesystem that can be root - some local filesystem types have no
> # > mountroot capability).  If the attacker can boot with the option to
> # > prompt for init, the attacker can also specify arbitrary root device
> # > and kernel names.  Given this plus attacker write access to any
> # > filesystem the booter is willing to load the kernel from, the game is
> # > lost before "path to init?" even matters.
> # 
> # Not sure. Without devices nodes the game is harder.
> 
> As far as I know, the whole 'path to init' thing is for failure recovery
> only, i.e. if you zorch your /sbin/init, you at least have the ability to
> run from the one you saved (you *did* save init before you zorched it,
> right?).

Or rather to enable you to boot using /sbin/init.new and not be screwed
over because you had to replace /sbin/init.

Darren