On Thu, 3 Jan 2008, John Richard Moser wrote:
> I did not address the mass of other crap you could do to the system with
> root. I was only addressing evading the OFW security implementation for
> only booting signed OSes.
Here's another vector:
1. On a laptop that comes from the factory with the above security holes
fixed, install a current (as of Jan 2 2008) signed release (which is
signed with the same key, and therefore okay according to the XO)
2. Notice that it has (at least) the security holes described in this
thread.
3. kexec or modprobe your way to a different OS!
(4. Profit!)
-- Asheesh.
--
Mix a little foolishness with your serious plans; it's lovely to be silly
at the right moment.
-- Horace
_______________________________________________
Devel mailing list
Devel@lists.laptop.org
http://lists.laptop.org/listinfo/devel
