brent timothy saner on 16 Nov 2016 12:20:26 -0800

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] root shell

On 11/16/2016 03:03 PM, JP Vossen wrote:
> The fact is that even on a "whole disk" encrypted system, parts of it
> are not encrypted.  If you can get at those parts--however you do
> it--you can plant trojans, redirect data streams or whatever else.  This
> vulnerability makes it easier to do that and that's not good, but that's
> all it does and it looks trivially easy to fix.
> Thoughts?

yep, fully agreed. there's been some chatter in the IRC channel.

as i've noted in the channel, you can do the same thing (literally, the
same shell- busybox) in GRUB (and how many of you have unlocked
bootloaders, and allow booting without a passphrase?):

on the kernel line:

for sys-v style init:
kernel ... single

for systemd:
kernel ...

same exact thing. the nice thing about arch is it uses systemd initrd,
so the login can copy in the /etc/passwd and /etc/shadow and uses login
via that. (initrd customization in Arch is actually quite easy at that-
even easier than dracut.)

but fully agreed- if this got a CVE, then so should there be a CVE for
being able to boot to USB/livecd. or one for cases where unlocked grub
allows booting to the initrd rescue system. etc.

Attachment: signature.asc
Description: OpenPGP digital signature

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --