[102484] in RedHat Linux List
Re: LILO Security problem
daemon@ATHENA.MIT.EDU (Hugo Coolens)
Thu Dec 3 11:32:19 1998
Date: Thu, 3 Dec 1998 15:57:32 +0000 ( )
From: Hugo Coolens <coolens@kahoslg.be>
To: Ivan Scagnetto <scagnett@dimi.uniud.it>
cc: redhat-list@redhat.com, "recipient.list.not.shown": ;
In-Reply-To: <199812031302.OAA29728@maxi>
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
Add the following two lines to lilo.conf
password=somethingyouchoose
restricted
then rerun lilo
regards,
Hugo
> Hello,
>
> I am a Linux beginner. The first distribution I installed on my PC was
> Slackware 3.0 and I was quite happy with it. Recently I decided to move to
> RedHat 5.0 since my friends told me that it is more stable, it is well
> supported, the installation and removal of programs is easier etc.
> Indeed this is true, but there is a feature of RedHat 5.0 which appears to
> me a serious security hole: more precisely typing "single" after "linux"
> (or whatever label you have chosen to identify Linux OS) at the LILO
> promt everyone can access as root to the system without a password
> prompt!!!
> I cannot believe that there is a sysadmin that would allow to install such
> a system in a LAN since the security would be null.
> I hope that there is the possibility to fix it (in S.U.S.E. Linux there is
> also that feature, but the root password is asked for).
>
> Thanks in advance,
>
> Ivan
>
>
> --
> PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com http://archive.redhat.com
> To unsubscribe: mail redhat-list-request@redhat.com with
> "unsubscribe" as the Subject.
>
--
PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
http://www.redhat.com http://archive.redhat.com
To unsubscribe: mail redhat-list-request@redhat.com with
"unsubscribe" as the Subject.
