ctrl-c during boot != good

Bowe Strickland bowe at redhat.com
Wed Sep 27 20:13:53 UTC 2006 

/------------------------------------------------- thus spake "Dax Kelson" -----
| 
| On Fri, 2006-09-22 at 13:49 -0400, Bill Nottingham wrote:
| > Dax Kelson (dax at gurulabs.com) said: 
| > > SysVinit-2.86-12
| > > ----------------
| > > * Thu Sep 21 2006 Bill Nottingham <notting at redhat.com> - 2.86-12
| > > - set controlling tty for /etc/rc so that ctrl-c can be passed to hung
| > >   services (#184340)
| > > 
| > > I don't have the permission to read the bug, so I could be interpreting
| > > this wrong.
| > > 
| > > You do *not* want users to be able to press ctrl-c during boot up.
| > > Otherwise they can completely fsck the starting of daemons or commands
| > > (like remounting / rw), possibly causing a serious security breach. This
| > > is also a disaster for a kiosk where random malicious joe blows can
| > > screwup and stop the boot.
| > > 
| > > I filed a bug circa 1997ish to fix the "can press control-c during
| > > bootup" problem. Lets not go backwards.
| > 
| > We have multiple requests from people who want to be able to press
| > ctrl-c to stop hanging daemons. Note that you can *already* interrupt
| > rc.sysinit.
| > 
| > Bill
| 
| Bill, doesn't the facility already exist for those people? Namely
| "interactive boot"?
| 
| Enabling this seems like a very bad tradeoff security wise. It is
| friendly/easier to always login to the GUI as root but we don't because
| that is bad security practice.
| 
| The interruptibility of rc.sysinit should be fixed.
| 
| You could at least make it configurable in /etc/sysconfig/init. 
| 
| Make PROMPT=yes allow/imply interruptibility but it PROMPT=no then the
| bootup can't be interrupted (including rc.sysinit).

In /etc/inittab, i routinely move the getty for tty2 up to just beneath
sysinit, and above the jump to a runlevel.  that way, on hangs, i can
swith to vc2, log in and slay what i want...

would this be a solution?

1) authentication is handled
2) it implies a hackish sort of interface, so that people who resort to 
   this know not to expect perfect results
3) people who know what they're doing don't have to sit twiddling their thumbs.

--bowe

More information about the devel mailing list