From owner-cvs-all Mon Dec 10 18:23:34 2001 Delivered-To: cvs-all@freebsd.org Received: from niwun.pair.com (niwun.pair.com [209.68.2.70]) by hub.freebsd.org (Postfix) with SMTP id EC6AA37B417 for ; Mon, 10 Dec 2001 18:23:27 -0800 (PST) Received: (qmail 28278 invoked by uid 3193); 11 Dec 2001 02:23:27 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 11 Dec 2001 02:23:27 -0000 Date: Mon, 10 Dec 2001 21:23:27 -0500 (EST) From: Mike Silbersack X-Sender: To: Alfred Perlstein Cc: John Baldwin , , , Subject: Re: cvs commit: src/sys/boot/i386/loader version src/share/examp In-Reply-To: <20011210201909.O92148@elvis.mu.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Mon, 10 Dec 2001, Alfred Perlstein wrote: > > All these loader commits make it possible to overwrite the existing > contents of > a file on a UFS filesystem. > > Yay! One "cool" feaure at least from a security standpoint would > be adding a write once variable to turn this off so that one can't > use loader to smash /etc/passwd. > > John, or Jonathan... ? any plans on giving this a shot? > > -Alfred Hm, I wonder if write enabling should even be compiled into the loader by default - I think you're correct in suspecting that changing /etc/passwd will be the primary use of this feature. :| Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message