When to mount /lib and /usr/lib ?
Siggy Brentrup
ubuntu at psycho.i21k.de
Wed Sep 16 23:03:37 BST 2009
I'm really unsure whether this is the list to ask this question on
with upstart not yet implementing a dependency based boot sequence the
upstart-devel list seems inappropriate to me.
In the course of my tiny usb-booster project [1] security
considerations (cf [2]) make it necessary to verify the SHA256 sum
before mounting /lib resp. /usr/lib partitions from a memory stick.
The question now is if it's early enough to mount /lib when rc?.d
scripts are run or should it even be done early in inittab? Also take
into consideration that calculating the SHA256 sum of the whole /lib
partition takes about 20s while /usr/lib requires an ample 90s.
If interested you may also want to refer to [3] where I try to give
some motivation, caveats and outline how to use the approach.
If anything seems unclear feel free to use the "Ask a question" button on
[1].
Thanks in advance for your comments
Siggy
[1] https://launchpad.net/booster
[2] https://bugs.launchpad.net/booster/+bug/426362
[3] http://bazaar.launchpad.net/~bsb/booster/trunk/annotate/head%3A/README
ps: Please let me repeat what I wrote when pushing the code to lp:
DON'T YET USE THE CODE, IT'S WORK IN PROGRESS, I intend to release
it RSN.
--
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org+
|30 days until|bsb-at-psycho-dot-informationsanarchistik-dot-de|
|www.Ubucon.de|or: bsb-at-psycho-dot-i21k-dot-de|
+-------> ceterum censeo javascriptum esse restrictam <--------+
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
Url : https://lists.ubuntu.com/archives/ubuntu-devel/attachments/20090917/da26154f/attachment-0002.pgp
More information about the ubuntu-devel
mailing list