suggestion: rescue boot extension
Matthew Miller
mattdm at mattdm.org
Thu Jun 3 18:05:36 UTC 2010
On Wed, Jun 02, 2010 at 04:02:21PM -0400, Jon Masters wrote:
> > Hm. I can see the use of this, but I can also see issues with how you
> > do updates for it sanely (if at all.)
> Yea. I think you don't do updates for it in general. I think I agree
> with Seth that this is something Anaconda stuffs in place when it
> installs grub. Optionally, maybe you upgrade it once per release when
> you next run Anaconda, but basically it doesn't change. It's about "get
> me booted to more than a command line to fix stuff", not latest glitz.
This needs to be stated very clearly in the 'rules' for the feature. The
environment should be kept minimal and rescue-focused, to reduce the risk of
security vulnerabilities in the rescue tools. (What if there's an exploit in
wget or curl that can be used to execute arbitrary code when you think
you're just downloading an RPM to fix an issue?)
--
Matthew Miller <mattdm at mattdm.org>
Senior Systems Architect -- Instructional & Research Computing Services
Harvard School of Engineering & Applied Sciences
More information about the devel
mailing list