Petter Reinholdtsen wrote:
> This sounds like a security issue. If the admin made / read-only, and
> someone is able to gain enough privileges to talk to init but not to
> remount the file system, they could re-exec init with a binary they
> provide instead of the binary the machine administrator intended to
> run. Am I wrong? If I am right, I believe we should not implement
> this feature.

I had the same thought. At the very least the feature creates a new angle of attack which needs to be thought about. Whether the feature really could create a vulnerability, I am not qualified to judge.

This is not to say that we definitely should not implement this. But it does mean that there should be strong arguments in favor of adding the feature. Is "telinit u" with the new feature _needed_ to deal with these cases? What are the alternatives?

--
Thomas