wicket
Posts: 634 | Thanked: 3,266 times | Joined on May 2010 @ Colombia
#134
Well, I knew that the purpose of opensh was to provide real root; what I didn't realise was that setuid(0), setgid(0) was used to achieve this. I'll admit I was naive to install it without knowing this, but what surprised me was how nothing has been done to lock it down. To quote the author (http://maemo.cloud-7.de/HARM/N9/openmode_kernel_PR1.1/):

Q: But isn't it a big security risk?
---------------------------------
A: Not at all, as user needs to boot into open mode kernel, something that no malware
could do. Of course once you switched "to the dark side" and got opensh installed
on your system, it is basically as safe or vulnerable to malware attacks as any other
linux system, maybe marginally better still thanks aegis.

No way is the default install of opensh as safe as any Linux system. Perhaps most people here find it acceptable to be able to gain root access without some form of password or key. Fremantle's rootsh was just as vulnerable.