Subject: Re: asking for the path to init.
To: None <>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-kern
Date: 09/22/1999 11:35:43
>>> They could certainly do it, but there will be no /dev on this
>>> partition ...
>> so they use a /sbin/init that has their own devfs, or it's own
>> ramdisk .. the point is:  if someone can get to RB_ASKNAME, you've
>> lost.
> No, because there's no /sbin at all

If the attacker can write a file anywhere the booter can load it,
you've lost.  Perhaps most simply, that file can be a kernel with a
ramdisk filesystem including a full-fledged OS - there are many other

If the machine has no writable drives at all, you are probably okay.
Probably.  I wouldn't want to count on it.

					der Mouse

		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B