[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Moving rc.d scripts to base.tgz
On Thu, Apr 14, 2011 at 10:19:25PM +0000, Michael van Elst wrote:
> tls%panix.com@localhost (Thor Lancelot Simon) writes:
> >I should note that this doesn't give me what I want, since if the
> >system still goes looking in /etc for stuff to execute at boot time
> >(or shutdown time, or...) I still can't safely leave /etc mounted
> Why would other files in /etc have less impact than the rc scripts?
Because they are not programs in general purpose programming languages.
And because they -- generally -- do not control behavior of the system
while the system is at security level 0 such that they can cause
permanent TCB compromise.
If I'm concerned about the possibility of configuring a system daemon
in such a dangerous way, I can remove it -- or elsewise pin down its
configuration. But removing the shell from a Unix system is a much
more drastic exercise, though I have done that, too.
Main Index |
Thread Index |