Hi Jon :)
> It is easy to do a mount() system call, the rootfs can be ro.
Yes, but you still need a mountpoint. Lot of worries for
something as trivial and useless as changing the ps identity ;))
> > What if /proc/self/exe is not part form procfs,
> > but from some evil user ;))
> Would the user not need root privilegdes to mess with /proc?
/proc/self/exe doesn't need to be in procfs... If proc is not
mounted... Anyway it was just an example. The degree of evil-user
intrusion in a machine for doing something like that is quite high.
There are simpler ways of attacking a machine if you can forge
/proc/self/exe :))
> Is there any good reason why init should not be executable
> by root only?
My init refuses to run if not called by the superuser ;) because
I think the same as you and anyway my init doesn't need a shutdown
command, it works with a keycombo that root controls.
Raśl
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Jan 23 2003 - 22:00:13 EST