Friends, It's completely unsafe to use the new USB customization keys to execute software located on-key or on-NAND because any opportunity for arbitrary code execution as uid 0 represents a serious threat to our first-boot activation security.
Since we appear to want to be able to customize images with new RPMS, this leaves us in a somewhat sticky situation. The following patch represents one approach to resolving the difficulty - that of postponing the running of any commands until after the activation initramfs yields control to late userland. Let me know what you think, both of the patch and of the approach, Michael _______________________________________________ Devel mailing list [email protected] http://lists.laptop.org/listinfo/devel
