Subject: Re: asking for the path to init.
To: der Mouse <mouse@Rodents.Montreal.QC.CA>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: tech-kern
Date: 09/22/1999 18:25:30
On Wed, Sep 22, 1999 at 11:35:43AM -0400, der Mouse wrote:
> If the attacker can write a file anywhere the booter can load it,
> you've lost.  Perhaps most simply, that file can be a kernel with a
> ramdisk filesystem including a full-fledged OS - there are many other
> possibilities.

Again, in my environement if a user can get root with just the boot prompt
it will. If he needs to do some special setup (recompile a kernel, ...)
he will probably don't bother with that.
This is just a matter of 'how easy it is'.

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--