How to disable Ctrl-C during init (initial ramdisk / normal init)

Yoann Allain yallain at avilinks.com
Tue May 23 09:25:31 PDT 2006 


Michael S. Zick a écrit :

>On Tue May 23 2006 10:46, Rich Felker wrote:
>  
>
>>On Tue, May 23, 2006 at 10:22:53AM -0500, Michael S. Zick wrote:
>>    
>>
>>>On Tue May 23 2006 10:11, Rich Felker wrote:
>>>      
>>>
>>>>On Tue, May 23, 2006 at 08:09:15AM -0500, Michael S. Zick wrote:
>>>>        
>>>>
>>>>>>Or perhaps there is a way to disable stdin on console during critical 
>>>>>>phase of init?
>>>>>>
>>>>>>            
>>>>>>
>>>>>Keep the customer away from console.  Like don't wire it out of the box.
>>>>>          
>>>>>
>>>>I disagree with this principle. It's certainly reasonable to have a
>>>>kiosk or other type of system where untrusted users can access the
>>>>keyboard, and not want them to be able to perform privileged
>>>>operations using it!
>>>>
>>>>        
>>>>
>>>I was unclear - don't wire out /dev/console.
>>>
>>>Does not mean you do not bring out other devices for the attachment
>>>of keyboards accepting user input.
>>>
>>>That is: Let init run on /dev/console and allow physical access by
>>>users on /dev/something_else.
>>>      
>>>
>>While there are some additional semantics, /dev/console is the same as
>>/dev/tty0 which is in turn the same as the currently selected virtual
>>terminal. Unless of course you mean to connect /dev/console to a
>>serial device, which depends on actually having a serial device. All
>>of this sounds incredibly stupid to me. NO device, whether local,
>>remote, connected, unconnected, etc. should unconditionally allow
>>random people to interfere with system processes. It's just bad,
>>insecure system design.
>>
>>    
>>
>
>That is exactly what I said. Run the init process on a secure something.
>
>Remove the access by "random people" from the init process.  Your choice
>of method of implementation.
>
>Thank you for making it clearer than I could word it.
>
>Mike
>_______________________________________________
>busybox mailing list
>busybox at busybox.net
>http://busybox.net/cgi-bin/mailman/listinfo/busybox
>
>
>  
>

Ok so in my case, /dev/console is connected to a serial device and 
customers generally connect to it via a laptop (for example, through 
minicom) in order to configure the box (network configuration) . I need 
them to be able to log in and to configure the box via the serial port.
Then could I use /dev/something_else which could prevent the system to 
be interrupted?

Thanks a lot for helping, Yoann

More information about the busybox mailing list