Installing RPMS via Customization Key

Michael Stone michael at
Fri Mar 7 02:23:41 EST 2008


It's completely unsafe to use the new USB customization keys to execute
software located on-key or on-NAND because any opportunity for arbitrary code
execution as uid 0 represents a serious threat to our first-boot activation

Since we appear to want to be able to customize images with new RPMS, this
leaves us in a somewhat sticky situation. The following patch represents one
approach to resolving the difficulty - that of postponing the running of any
commands until after the activation initramfs yields control to late userland.

Let me know what you think, both of the patch and of the approach,


More information about the Devel mailing list