[syslinux] Security issues with SYSLINUX 2.01
H. Peter Anvin
hpa at zytor.com
Thu Feb 6 18:41:28 PST 2003
Seth David Schoen wrote:
>
> The LNX-BBC project, which has been using SYSLINUX since our
> predecessor project got started in 1999, has used mtools (and dd)
> successfully to make bootable SYSLINUX floppies for over a year now.
>
> http://gar.lnx-bbc.org/cvs/gar/meta/lnx.img/Makefile?rev=HEAD&content-type=text/vnd.viewcvs-markup
>
> We've been very happy with the mtools approach. (We also have a
> one-line Perl substitute for rdev...) The net result is that we can
> build a complete bootable distribution image with no need for root
> privilege at all. I think that's a worthwhile feature.
>
I think you're misunderstanding me -- the issue is whether or not to use
a setuid syslinux binary or use mtools to accomplish this, not whether
it's useful.
-hpa
More information about the Syslinux
mailing list