[syslinux] Security issues with SYSLINUX 2.01

H. Peter Anvin hpa at zytor.com
Thu Feb 6 18:41:28 PST 2003


Seth David Schoen wrote:
> 
> The LNX-BBC project, which has been using SYSLINUX since our
> predecessor project got started in 1999, has used mtools (and dd)
> successfully to make bootable SYSLINUX floppies for over a year now.
> 
> http://gar.lnx-bbc.org/cvs/gar/meta/lnx.img/Makefile?rev=HEAD&content-type=text/vnd.viewcvs-markup
> 
> We've been very happy with the mtools approach.  (We also have a
> one-line Perl substitute for rdev...)  The net result is that we can
> build a complete bootable distribution image with no need for root
> privilege at all.  I think that's a worthwhile feature.
> 

I think you're misunderstanding me -- the issue is whether or not to use 
  a setuid syslinux binary or use mtools to accomplish this, not whether 
it's useful.

	-hpa




More information about the Syslinux mailing list