[Fedora-livecd-list] Adding files into the CD root file system
Jane Dogalt
jdogalt at yahoo.com
Thu Jun 28 21:08:49 UTC 2007
--- Jeremy Katz <katzj at redhat.com> wrote:
> On Tue, 2007-06-26 at 08:45 +0200, Alexandre Magaz Graça wrote:
> > I'm making a LiveCD that I want to autorun (from Windows and Linux)
> to
> > open a browser showing some help about how it works. So I added a
> new
> > option that lets add to the CD root file system.
> >
> > If someone finds it useful, the attached patch adds this option to
> > pilgrim. The patch is for the latest git version.
>
> While this is useful, more generally, you may want to add other
> directories as well. Or be able to modify the bootloader config. So
> I
> wonder if more accurately what's wanted is really implementing
> --nochroot for %post from the config. That way, you could do
> whatever
> you want.
>
> The reason against is that it's kind of scary to let an unchroot'd
> script run when creating live CDs as the config may or may not be
> trustable.
Correct me if I'm wrong, but I've always been a bit weary of untrusted
or possibly buggy scripts running with root privs even under the
chroot. The first example that comes to mind is (perhaps historic)
libselinux stuff doing a call to init (in its %post). I'm not a
hardcore cracker, so the only thing that comes to mind is shutting down
the host build system, but I imagine there are craftier things that
could be done. Is this perhaps only relevent if proc and dev are
mounted under the chroot?
On a seperate note, more related to the parent post, another cool thing
I'll bring up again is the idea of including a win32 port of qemu on
the iso so that could be winblowz-autorun so that when the livecd is
put in a windows system, it boots up to the livecd as well (in a much
safer way if it is a semi-trusted custom spin, versus a more trustworth
official spin).
-dmc/jdog
____________________________________________________________________________________
Get your own web address.
Have a HUGE year through Yahoo! Small Business.
http://smallbusiness.yahoo.com/domains/?p=BESTDEAL
More information about the Fedora-livecd-list
mailing list