[OpenWrt-Devel] V2: pre-Xmas bonus security patch

openwrt at daniel.thecshore.com openwrt at daniel.thecshore.com
Thu Dec 24 06:16:57 EST 2015

Hi all,

I have corrected this issue with failsafe mounting root (it was
due to inadvertently removing the lock that prevents preinit from
running to completion so that it stays in failsafe mode).

It turns out that it is not going to be possible to make failsafe
require passwords at this time.

There are two issues:

1) Using passwords from the user's configuration would require
using mount_root, but that defeats a large part of the reason
for using failsafe (i.e. dealing with bad config and/or failure
of mount_root).

2) preinit is 'the' init and due to the way /bin/login works
you /bin/login either has to take over the process (causing
mount_root etc to fail due to init having become login which
doens't understand them) via exec or it will simply exit 
the surrounding shell (due to use of vhangup which is used
to prevent password sniffing).

So those who want failsafe to be failsafe get their wish,
but we do now have a patch for requiring a password login during
normal operation.  It seems to me that rather than trying to
hack failsafe to have passwords, the reality is that it
ought to be possible for those concerned about the risks of
failsafe to be able to build images without it (but given
that the normal openwrt community user is experimenting a
lot, it wouldn't make sense to make that the default for
stock builds).
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org

More information about the openwrt-devel mailing list