[1598] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

[linux-security] Re: Root vulnerabilities in Linux

daemon@ATHENA.MIT.EDU (Andrea Arcangeli)
Mon Sep 1 11:55:33 1997

Date: Sun, 31 Aug 1997 21:08:58 +0200 (CEST)
From: Andrea Arcangeli <arcangeli@mbox.queen.it>
To: linux-security@redhat.com
In-Reply-To: <Pine.LNX.3.96.970828131933.9134A-100000@sisko.cs.twsu.edu>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com

On Thu, 28 Aug 1997, John Goerzen wrote:

>NOTE: I haven't checked it out, but the other escapes to single-user mode
>in RedHat may be an issue too (for instance, if a fsck fails)

This is the part of /etc/init.d/boot that is the script executed at boot
by init.

[..]
    echo "Checking root file system..."
    fsck -a /
    #
    # If there was a failure, drop into single-user mode.
    #
    # NOTE: "failure" is defined as exiting with a return code of
    # 2 or larger.  A return code of 1 indicates that file system
    # errors were corrected but that the boot may proceed.
    #
    if [ $? -gt 1 ]
    then
      # Surprise! Re-directing from a HERE document (as in
      # "cat << EOF") won't work, because the root is read-only.
      echo
      echo "fsck failed.  Please repair manually and reboot.  Please note"
      echo "that the root file system is currently mounted read-only.  To"
      echo "remount it read-write:"
      echo
      echo "   # mount -n -o remount,rw /"
      echo
      echo "CONTROL-D will exit from this shell and REBOOT the system."
      echo
      # Start a single user shell on the console
      /sbin/sulogin $CONSOLE
      reboot -f
    fi
[..]

As you can see in Debian if the fsck fail, you will get some advice,
sulogin and then a system reboot. 

[mod: Latest redhat ask you for root's password - alex]

Andrea Arcangeli


home help back first fref pref prev next nref lref last post