[102526] in RedHat Linux List
Re: LILO Security problem
daemon@ATHENA.MIT.EDU (Jeff Sharpe)
Thu Dec 3 18:48:08 1998
Date: Thu, 03 Dec 1998 13:36:08 -0800
From: Jeff Sharpe <jeff@sfg.com>
Reply-To: jeff@3-c.net
To: redhat-list@redhat.com, scagnett@dimi.uniud.it
X-MDaemon-Deliver-To: redhat-list@redhat.com
Resent-From: redhat-list@redhat.com
Ivan Scagnetto wrote:
>
> Indeed this is true, but there is a feature of RedHat 5.0 which appears to
> me a serious security hole: more precisely typing "single" after "linux"
> (or whatever label you have chosen to identify Linux OS) at the LILO
> prompt everyone can access as root to the system without a password
> prompt!!!
> I cannot believe that there is a sysadmin that would allow to install such
> a system in a LAN since the security would be null.
:-) A LAN's security is only so good as its sysadmin.
There are many options; the simplest is just put your timeout to zero --
bypasses lilo and starts the boot process. <shrug>
Of course all software security issues are null and void if the physical
security is lacking...
J
--
Jeff Sharpe
Senior Developer, SFG Tech.
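
Added example, not part of the original message or of Red Hat's tooling: a small audit of a lilo.conf that reports which Linux images will accept extra boot parameters such as "single" without a password. It relies on LILO's `password=` and `restricted` keywords; the sample configuration and its placeholder password are constructed for illustration.

```python
import os

# Constructed sample lilo.conf (not taken from the thread).
SAMPLE_CONF = """\
prompt
timeout=50
image=/boot/vmlinuz
    label=linux
    root=/dev/hda1
image=/boot/vmlinuz.old
    label=old
    password=PLACEHOLDER
    restricted
other=/dev/hda2
    label=dos
"""

def parse(conf_text):
    """Split lilo.conf text into global options and per-image sections."""
    globals_, sections, current = {}, [], None
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and indentation
        if not line:
            continue
        key, _, value = line.partition("=")
        key, value = key.strip().lower(), value.strip().strip('"')
        if key in ("image", "other"):  # each of these starts a new section
            current = {"kind": key, "path": value}
            sections.append(current)
        elif current is None:
            globals_[key] = value
        else:
            current[key] = value
    return globals_, sections

def audit(conf_text):
    """Map each Linux image label to 'open', 'restricted' or 'password'."""
    globals_, sections = parse(conf_text)
    result = {}
    for s in sections:
        if s["kind"] != "image":
            continue  # "single" is a parameter for Linux images only
        merged = {**globals_, **s}  # per-image settings override globals
        label = merged.get("label") or os.path.basename(s["path"])
        if "password" not in merged:
            result[label] = "open"  # boot parameters accepted unchallenged
        elif "restricted" in merged:
            result[label] = "restricted"  # password asked only if parameters are typed
        else:
            result[label] = "password"  # password asked on every boot
    return result
```

Because lilo.conf holds the password in clear text, the file should be readable by root only, and /sbin/lilo has to be rerun after any change for it to take effect.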