Date: Mon, 10 Dec 2001 21:23:27 -0500 (EST) From: Mike Silbersack <silby@silby.com> To: Alfred Perlstein <bright@mu.org> Cc: John Baldwin <jhb@FreeBSD.org>, <mini@haikugeek.com>, <cvs-all@FreeBSD.org>, <cvs-committers@FreeBSD.org> Subject: Re: cvs commit: src/sys/boot/i386/loader version src/share/examp Message-ID: <Pine.BSF.4.30.0112102122001.22013-100000@niwun.pair.com> In-Reply-To: <20011210201909.O92148@elvis.mu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 10 Dec 2001, Alfred Perlstein wrote: > > All these loader commits make it possible to overwrite the existing > contents of > a file on a UFS filesystem. > > Yay! One "cool" feaure at least from a security standpoint would > be adding a write once variable to turn this off so that one can't > use loader to smash /etc/passwd. > > John, or Jonathan... ? any plans on giving this a shot? > > -Alfred Hm, I wonder if write enabling should even be compiled into the loader by default - I think you're correct in suspecting that changing /etc/passwd will be the primary use of this feature. :| Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.30.0112102122001.22013-100000>