Re: Moving rc.d scripts to base.tgz

To: Michael van Elst <mlelstv%serpens.de@localhost>
Subject: Re: Moving rc.d scripts to base.tgz
From: Thor Lancelot Simon <tls%panix.com@localhost>
Date: Thu, 14 Apr 2011 18:54:14 -0400

On Thu, Apr 14, 2011 at 10:19:25PM +0000, Michael van Elst wrote:
> tls%panix.com@localhost (Thor Lancelot Simon) writes:
> 
> >I should note that this doesn't give me what I want, since if the
> >system still goes looking in /etc for stuff to execute at boot time
> >(or shutdown time, or...) I still can't safely leave /etc mounted
> >read-write.
> 
> Why would other files in /etc have less impact than the rc scripts?

Because they are not programs in general purpose programming languages.
And because they -- generally -- do not control behavior of the system
while the system is at security level 0 such that they can cause
permanent TCB compromise.

If I'm concerned about the possibility of configuring a system daemon
in such a dangerous way, I can remove it -- or elsewise pin down its
configuration.  But removing the shell from a Unix system is a much
more drastic exercise, though I have done that, too.

Thor

Follow-Ups:
- Re: Moving rc.d scripts to base.tgz
  - From: Michael van Elst

References:
- Moving rc.d scripts to base.tgz
  - From: Julio Merino
- Re: Moving rc.d scripts to base.tgz
  - From: Greg Troxel
- Re: Moving rc.d scripts to base.tgz
  - From: Julio Merino
- Re: Moving rc.d scripts to base.tgz
  - From: Thor Lancelot Simon
- Re: Moving rc.d scripts to base.tgz
  - From: Michael van Elst

Prev by Date: Re: Moving rc.d scripts to base.tgz
Next by Date: Re: Moving rc.d scripts to base.tgz
Previous by Thread: Re: Moving rc.d scripts to base.tgz
Next by Thread: Re: Moving rc.d scripts to base.tgz
Indexes:

Home | Main Index | Thread Index | Old Index