Subject: Re: asking for the path to init.
To: None <tech-kern@netbsd.org>
From: der Mouse <mouse@Rodents.Montreal.QC.CA>
List: tech-kern
Date: 09/16/1999 19:17:10
[Moved here from a less appropriate list]

>>> I want to add another question at bootup for the path to init
>>> (default is /sbin/init).
>> For quite a while now, my private patch tree has included patches to
>> add a -i boot flag to the ports I care about, setting RB_INITPATH,
>> which causes init_main.c to prompt for the path to init.
> What did you do in the face of this being a potential security
> problem?

Nothing.

To be honest, the reason is that this is for my machines, for which
anyone who can specify boot flags can already do things like replace
the disk drives, and against an attacker with that sort of access the
game is lost anyway.

> The worst I can see happening is /tmp being part of / and someone
> giving /bin/sh as the path for root.

(I assume you mean "...path for init".)  I'm not that concerned;
consider the attacker putting a custom kernel in /tmp instead and
booting with -a (or, on the alpha, whatever the heck that flag is - I
can never remember and have actually been tempted to "fix" it and
boot_osflags compatibility be damned).

					der Mouse

			       mouse@rodents.montreal.qc.ca
		     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B