Main Inclusion Report for lupin
Availability: http://archive.ubuntu.com/ubuntu/pool/universe/l/lupin; available for all supported architectures
- Developed specifically for Ubuntu; no security history.
lupin-casper runs within the initramfs with root privileges; lupin-support provides an init script which runs with root privileges at boot (although only in this particular installation scenario).
- Performs no network activity.
- The only obvious possible vulnerabilities are in its handling of block devices and in its handling of preseed files. Both of these are generally considered privileged data paths anyway.
I (ColinWatson) have performed a source code review, and was responsible for the (trivial) packaging. I'm not happy with the shell style in some places, but it does not appear to do anything dangerous.
- Does not require any explicit configuration or debconf interaction, though it is designed to process the results of a Windows installer frontend.
- Not in Debian. No independent upstream.
- Does not deal with any particular types of hardware.
- Standard debhelper packaging with no patch system. Installs initramfs hooks in the usual way. FHS and Debian Policy compliant to the best of my knowledge.
- initramfs-tools, casper, procps, lsb-base. All in main.
The installer-for-windows specification calls for the ability to install into a loop-mounted filesystem within an existing Windows installation. For the most part this is implemented in existing installer components. partman-auto-loop was added in order to deal with the specialised partitioning required. A few small extra pieces are still needed in order to boot this kind of system, though. lupin-casper deals with booting the live CD from the Windows installer frontend and handles data transfer (in the form of a preseed file) from that frontend to our normal installer. lupin-support provides an init script used to adjust the kernel's virtual memory system in a way which is claimed to provide additional robustness in this installation scenario (but which I am not happy about enabling across the board).
This software is a remnant of the Linux side of Wubi.