On Thu, 2010-06-03 at 14:05 -0400, Matthew Miller wrote:
> On Wed, Jun 02, 2010 at 04:02:21PM -0400, Jon Masters wrote:
> > > Hm. I can see the use of this, but I can also see issues with how you
> > > do updates for it sanely (if at all.)
> > Yea. I think you don't do updates for it in general. I think I agree
> > with Seth that this is something Anaconda stuffs in place when it
> > installs grub. Optionally, maybe you upgrade it once per release when
> > you next run Anaconda, but basically it doesn't change. It's about "get
> > me booted to more than a command line to fix stuff", not latest glitz.
> This needs to be stated very clearly in the 'rules' for the feature. The
> environment should be kept minimal and rescue-focused, to reduce the risk of
> security vulnerabilities in the rescue tools. (What if there's an exploit in
> wget or curl that can be used to execute arbitrary code when you think
> you're just downloading an RPM to fix an issue?)

Agreed. But it is the same problem as "what if there's an exploit in a
library Anaconda uses to download repos during install?". There would
still be a lot of media out there and I'm not sure we've ever respun the
main images post GA for that, unless I'm just very wrong. As long as
we're very clear, I think it's ok.
Jon.