securing installation
Henning Glawe
glaweh at physik.fu-berlin.de
Wed Sep 12 11:36:06 CEST 2007
On Wed, Sep 12, 2007 at 11:10:56AM +0200, Michael Tautschnig wrote:
> [...]
> > The only question is where should I add the code that views the cgi script?
> > Should I add in the rcS file? And where? I guess some things have to be
> > configure first before I start the download.
> >
> I think a hook for the task confdir should do; just note that you can't put that
> into the config space :-), but it must go in the NFSROOT instead.
well, the nfsroot is usually exported to a bunch of machines, with
no_root_squash enabled... i.e. unless you have a separate "install-net"
any attacker kidnapping an IP address of a legitimate machine has full access
to the nfsroot ;)
I took a different approach, based on the assumption that the ssh private key
should never leave a client:
- in a hook partition.DEFAULT, the pre-existing installation is searched for
ssh host keys and this is copied to the tmpfs if the hostname matches (this
catches the case of a host-rename or swapped hard disk)
- in scripts/DEFAULT/40restore_hostkeys.sh, the keys from tmpfs are copied to
the freshly installed target.
- in DEFAULT/45log_public_hostkeys.sh, the pubkeys are copied to the logdir,
so they are uploaded to the logserver in task_savelog
--
c u
henning
More information about the linux-fai
mailing list