On Thu, 2007-06-28 at 14:08 -0700, Jane Dogalt wrote: > --- Jeremy Katz <[EMAIL PROTECTED]> wrote: > > On Tue, 2007-06-26 at 08:45 +0200, Alexandre Magaz Graça wrote: > > > I'm making a LiveCD that I want to autorun (from Windows and Linux) > > to > > > open a browser showing some help about how it works. So I added a > > new > > > option that lets add to the CD root file system. > > > > > > If someone finds it useful, the attached patch adds this option to > > > pilgrim. The patch is for the latest git version. > > > > While this is useful, more generally, you may want to add other > > directories as well. Or be able to modify the bootloader config. So > > I > > wonder if more accurately what's wanted is really implementing > > --nochroot for %post from the config. That way, you could do > > whatever > > you want. > > > > The reason against is that it's kind of scary to let an unchroot'd > > script run when creating live CDs as the config may or may not be > > trustable. > > Correct me if I'm wrong, but I've always been a bit weary of untrusted > or possibly buggy scripts running with root privs even under the > chroot. The first example that comes to mind is (perhaps historic) > libselinux stuff doing a call to init (in its %post). I'm not a > hardcore cracker, so the only thing that comes to mind is shutting down > the host build system, but I imagine there are craftier things that > could be done. Is this perhaps only relevent if proc and dev are > mounted under the chroot?
Oh, there are definitely things that can be done as is. It's more a matter of what the chances of pain/problems are. Jeremy -- Fedora-livecd-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-livecd-list
