The following assessment was done in answer to the question of how our Bootable CD system could be exploited to gain root access. It is based on a rapid assessment and testing process that took only about 4 hours for a group of reasonably skilled assessors with an additional 4 hours of help by an expert and includes the development team's decisions about mitigation. It is not to be taken as definitive, but rather as representative of reasonable expectations for the potential for privilege exploitation in our Bootable CD environment. Likelihood and impact values are indicated for 'secure mode' operation.

These are the only known classes of vulnerabilities that would grant root access to our Bootable CD system implemented following the tutorial and other instructions provided. Additional vulnerability and mitigation information will be provided in updates to this document available on our Bootable CD distributions and on our web site. The web site will reflect the most recent assessment while the individual CD will reflect the assessment as of the time of its release.