[102510] in RedHat Linux List
re: Lilo security
daemon@ATHENA.MIT.EDU (Mike Hunziker)
Thu Dec 3 17:46:37 1998
Date: Thu, 03 Dec 1998 10:33:26 -0600
From: Mike Hunziker <MCHunziker@us.fortis.com>
To: redhat-digest@redhat.com
Resent-From: redhat-list@redhat.com
Reply-To: redhat-list@redhat.com
This is a feature of many flavors of Unix. HPUX allows you to
bring your server to single user mode. The key here is to have some
physical security, i.e. if the machine has important or confidential data
on it, it should be locked up anyway so the only guy sitting at the
keyboard is the sysadmin. You will also be very glad for this feature if
you ever forget a root password.
>Indeed this is true, but there is a feature of RedHat 5.0 which appears to
>me a serious security hole: more precisely typing "single" after "linux"
>(or whatever label you have chosen to identify Linux OS) at the LILO
>prompt everyone can access as root to the system without a password
>prompt!!!
>I cannot believe that there is a sysadmin that would allow to install such
>a system in a LAN since the security would be null.
>I hope that there is the possibility to fix it (in S.U.S.E. Linux there is
>also that feature, but the root password is asked for).
>Thanks in advance,
>Ivan
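Added example, not part of the original thread: a small audit for the two settings that decide whether "linux single" at the LILO prompt yields a root shell without a password. It assumes the lilo.conf "password" and "restricted" options and an inittab entry that runs sulogin for runlevel S; the sample files are constructed for the example.

```python
# Constructed sample files (not taken from the thread).
WEAK_LILO = """\
boot=/dev/hda
prompt
timeout=50
image=/boot/vmlinuz
    label=linux
    root=/dev/hda1
    read-only
"""
# Same file with a global password; "restricted" asks for it only when
# extra parameters (such as "single") are typed at the boot prompt.
HARDENED_LILO = WEAK_LILO.replace("prompt\n", "prompt\npassword=CHANGE-ME\nrestricted\n")
INITTAB_SULOGIN = "id:3:initdefault:\n~~:S:wait:/sbin/sulogin\n"

def audit_lilo(text):
    """Return labels of boot entries that accept boot parameters with no password."""
    global_pw, images, current = False, [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and indentation
        if not line:
            continue
        key, _, value = (part.strip() for part in line.partition("="))
        if key in ("image", "other"):          # start of a per-entry section
            current = {"label": value, "password": False}
            images.append(current)
        elif key == "label" and current is not None:
            current["label"] = value
        elif key == "password":
            if current is None:
                global_pw = True               # applies to every entry
            else:
                current["password"] = True     # applies to this entry only
    return [i["label"] for i in images if not (global_pw or i["password"])]

def single_user_asks_password(inittab):
    """True if an active inittab entry runs sulogin for runlevel S."""
    for line in inittab.splitlines():
        if line.lstrip().startswith("#"):
            continue
        fields = line.strip().split(":", 3)    # id:runlevels:action:process
        if len(fields) == 4 and "S" in fields[1] and "sulogin" in fields[3]:
            return True
    return False

if __name__ == "__main__":
    print("unprotected entries:", audit_lilo(WEAK_LILO))
    print("sulogin on runlevel S:", single_user_asks_password(INITTAB_SULOGIN))
```

The password in lilo.conf is stored in plain text, so the file should be readable by root only, and /sbin/lilo has to be re-run after editing it.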