Quote:
Maybe hijack could contain the modify-the-binary code itself, triggered by a menu somewhere.


I think I'll leave that to userspace, as a simple shell script, which invokes the program I've provided, remounting the root drive rw and then ro again afterwards. The Hijack ;@MENUEXEC could be used to invoke it.

Or even better, a remote shell script that uses FTP to mount the root drive rw, installs the program, chmods it, runs it (SITE EXEC), and then deletes it and remounts the root drive rw again.

cheers